From 782449568c2d376bd87f69c624b29ad8d29dcfbb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 3 Feb 2025 11:00:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/6xxx/CVE-2024-6790.json | 190 ++++++++++++++++++++++++++++++++++- 2025/0xxx/CVE-2025-0015.json | 142 +++++++++++++++++++++++++- 2025/0xxx/CVE-2025-0981.json | 18 ++++ 2025/0xxx/CVE-2025-0982.json | 18 ++++ 4 files changed, 358 insertions(+), 10 deletions(-) create mode 100644 2025/0xxx/CVE-2025-0981.json create mode 100644 2025/0xxx/CVE-2025-0982.json diff --git a/2024/6xxx/CVE-2024-6790.json b/2024/6xxx/CVE-2024-6790.json index 50fad22af97..652a0ff272e 100644 --- a/2024/6xxx/CVE-2024-6790.json +++ b/2024/6xxx/CVE-2024-6790.json @@ -1,18 +1,198 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6790", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "arm-security@arm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')", + "cweId": "CWE-835" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Arm Ltd", + "product": { + "product_data": [ + { + "product_name": "Bifrost GPU Kernel Driver", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "version": "r44p1", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r49p1", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r49p0", + "status": "affected", + "version": "r46p0", + "versionType": "patch" + }, + { + "lessThanOrEqual": "r51p0", + "status": "affected", + "version": "r50p0", + "versionType": "patch" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Valhall GPU Kernel Driver", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "version": "r44p1", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r49p1", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r49p0", + "status": "affected", + "version": "r46p0", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r52p0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r51p0", + "status": "affected", + "version": "r50p0", + "versionType": "patch" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Arm 5th Gen GPU Architecture Kernel Driver", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "version": "r44p1", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r49p1", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r49p0", + "status": "affected", + "version": "r46p0", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r52p0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r51p0", + "status": "affected", + "version": "r50p0", + "versionType": "patch" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", + "refsource": "MISC", + "name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in the Bifrost GPU Kernel Driver r49p1, in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r52p0. Users are recommended to upgrade if they are impacted by this issue.
" + } + ], + "value": "This issue is fixed in the Bifrost GPU Kernel Driver r49p1, in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p1 and r52p0. Users are recommended to upgrade if they are impacted by this issue." + } + ] } \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0015.json b/2025/0xxx/CVE-2025-0015.json index 60c316b1b03..9b4b5290ac4 100644 --- a/2025/0xxx/CVE-2025-0015.json +++ b/2025/0xxx/CVE-2025-0015.json @@ -1,18 +1,150 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0015", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "arm-security@arm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416 Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Arm Ltd", + "product": { + "product_data": [ + { + "product_name": "Valhall GPU Kernel Driver", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "r49p2", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r49p1", + "status": "affected", + "version": "r48p0", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r53p0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r52p0", + "status": "affected", + "version": "r50p0", + "versionType": "patch" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Arm 5th Gen GPU Architecture Kernel Driver", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "r49p2", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r49p1", + "status": "affected", + "version": "r48p0", + "versionType": "patch" + }, + { + "changes": [ + { + "at": "r53p0", + "status": "unaffected" + } + ], + "lessThanOrEqual": "r52p0", + "status": "affected", + "version": "r50p0", + "versionType": "patch" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", + "refsource": "MISC", + "name": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "This issue is fixed in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p2 and r53p0. Users are recommended to upgrade if they are impacted by this issue.
" + } + ], + "value": "This issue is fixed in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p2 and r53p0. Users are recommended to upgrade if they are impacted by this issue." + } + ] } \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0981.json b/2025/0xxx/CVE-2025-0981.json new file mode 100644 index 00000000000..b8d5a6e31da --- /dev/null +++ b/2025/0xxx/CVE-2025-0981.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0981", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0982.json b/2025/0xxx/CVE-2025-0982.json new file mode 100644 index 00000000000..7be3685601b --- /dev/null +++ b/2025/0xxx/CVE-2025-0982.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0982", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file