CVE-2023-26083

ENISA EUVD: EUVD-2023-29957 ↗
Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: March 5, 2026 3 articles Published: 2023-04-06
VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23
5.23%
probability
This CVE has a 5.23% probability of being exploited in the next 30 days.
0% Top 90.1th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)
3.3
LOW
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

VulnerabilityLookup (CNA)
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.

Affected Products

n/a
n/a

Attack Intelligence

Google Project Zero

Discovered
Jan. 12, 2023
Patched
March 31, 2023
Reported by
Clement Lecigne of the Google Threat Analysis Group
Root Cause Analysis
???

Signal Intelligence

Confidence
95%
EPSS 5.23%
CVSS v3.1 3.3
Mentions 3

CNA Information

CNA Assigner
mitre

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Triage Info

Decided atMar 05, 2026
Published DateApr 06, 2023