PT-2021-19512 · Imagination Technologies+1 · Pvrsrvkm.Ko+2

Ayaz Mammadov

Published

2021-04-24

Updated

2021-05-06

CVE-2021-31795

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PowerVR GPU kernel driver versions through 2021-04-24

Description The issue allows attackers to overwrite heap memory via PhysmemNewRamBackedPMR. This affects the PowerVR GPU kernel driver in pvrsrvkm.ko for the Linux kernel, as used on Alcatel 1S phones.

Recommendations For versions through 2021-04-24, consider disabling the PhysmemNewRamBackedPMR function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2021-31795

Affected Products

Alcatel 1S

Powervr Kernel Driver

Pvrsrvkm.Ko

PT-2021-19512 · Imagination Technologies+1 · Pvrsrvkm.Ko+2

CVE-2021-31795

Weakness Enumeration

Related Identifiers

Affected Products

References · 6