cve/2023/CVE-2023-5427.md

### [CVE-2023-5427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5427)
![](https://img.shields.io/static/v1?label=Product&message=Arm%205th%20Gen%20GPU%20Architecture%20Kernel%20%20Driver&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Bifrost%20GPU%20Kernel%20Driver&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Valhall%20GPU%20Kernel%20Driver&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%20Use%20After%20Free&color=brighgreen)

### Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

### POC

#### Reference
- http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds