PT-2023-12640 · Google+1 · Android+1
Published
2023-01-24
·
Updated
2023-08-08
·
CVE-2022-20235
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Android SoC versions prior to DDK 1.18
Description
The PowerVR GPU kernel driver has a flaw in its cache subsystem, specifically with the "Information Page" that can be written to by user-space programs prior to DDK 1.18, leading to memory corruption issues.
Recommendations
For Android SoC versions prior to DDK 1.18, update to DDK 1.18 or later to resolve the issue. As a temporary workaround, consider restricting access to the GPU kernel driver to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Powervr-Gpu