CVE-2024-43701

Name of the Vulnerable Software and Affected Versions Imagination Technologies Graphics DDK (affected versions not specified)

Description The issue allows software installed and run as a non-privileged user to conduct GPU system calls, enabling the reading and writing of freed physical memory from the GPU. This is due to a use-after-free (UAF) condition related to the TLB invalidate of dma buf imported into multiple GPU devices, which can lead to a potential race condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.