CVE-2024-47892: GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA)
Description
Software installed and run as a non-privileged user may conduct GPU system calls to read and write freed physical memory from the GPU.
Classification
CVE ID: CVE-2024-47892
Affected Products
Vendor: Imagination Technologies
Product: Graphics DDK
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.48% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)