CVE-2023-44216

Name of the Vulnerable Software and Affected Versions Imagination GPU devices versions 2018 and later

Description The issue allows for cross-origin pixel-stealing attacks against certain functions in the SVG Filter specification, such as feTurbulence and feBlend. This can enable attackers to determine text contained on a web page from one origin if they control a resource from a different origin.

Recommendations For Imagination GPU devices versions 2018 and later, consider disabling the PVRIC (PowerVR Image Compression) feature as a temporary workaround until a patch is available. Restrict access to sensitive resources to minimize the risk of exploitation. Avoid using the feTurbulence and feBlend functions in the SVG Filter specification until the issue is resolved.