8.1
CVE-2024-43702
- EPSS 0.11%
- Veröffentlicht 30.11.2024 03:15:13
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 367425dc-4d06-4041-9650-c2dc6a
- CVE-Watchlists
- Unerledigt
GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages
Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerimaginationtech
≫
Produkt
ddk
Default Statusunknown
Version <=
24.2_rtm1
Version
1.13_rtm
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.286 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
CWE-280 Improper Handling of Insufficient Permissions or Privileges
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.