CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-47895

High Severity
SVRS
65/100
CVSSv3
7.1/10
EPSS
0.0002/1

CVE-2024-47895: A vulnerability allows a guest VM to potentially read data outside its allocated GPU memory. This kernel software issue could permit unauthorized access to sensitive information residing within the GPU firmware's address space. SOCRadar's Vulnerability Risk Score (SVRS) is 65, indicating a moderate risk, but the "In The Wild" tag suggests active exploitation. This could allow attackers to bypass normal virtualization boundaries. While the CVSS score is 7.1, the SVRS provides added context. Immediate patching is advised if the SVRS rises above 80 due to increased threat actor activity targeting this vulnerability. Failure to address this issue may lead to data breaches and system compromise.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:L
UI:N
S:U
C:H
I:N
A:H
PUBLICATION DATE2025-01-13
LAST MODIFIED2025-01-13
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-47895 describes a vulnerability in kernel software running within a Guest VM. This vulnerability arises when the kernel software posts improper commands to the GPU Firmware, allowing potential access to data outside the virtualized GPU memory of the Guest VM. This vulnerability could be exploited by malicious actors to gain unauthorized access to sensitive data within the Guest VM.

Key Insights

  • Potential for Data Exfiltration: The improper commands sent to the GPU firmware could allow attackers to read data outside the Guest VM's virtualized GPU memory. This presents a significant risk for data exfiltration, particularly if sensitive information is stored in the Guest VM's memory.
  • Exploitation in Virtualized Environments: This vulnerability is particularly relevant for organizations running virtualized environments. It highlights the importance of securing not only the host system but also the Guest VMs, as vulnerabilities in the kernel software within the Guest VM can pose a significant risk.
  • Potential for Privilege Escalation: While the initial focus might be on data exfiltration, attackers could leverage this vulnerability to gain elevated privileges within the Guest VM. This could lead to further compromise of the virtualized environment.
  • SVRS Ranking: Despite a CVSS score of 0, the SOCRadar Vulnerability Risk Score (SVRS) stands at 34, indicating a moderate level of risk. This highlights the importance of assessing vulnerabilities beyond traditional scoring systems, considering factors like potential for data exfiltration and exploitability in real-world scenarios.

Mitigation Strategies

  • Patching Kernel Software: Prioritize patching the kernel software in both the host and Guest VM to address the vulnerability. Regularly update the kernel software to ensure that any known vulnerabilities are patched.
  • Security Hardening: Implement security hardening measures for the Guest VM, including restricting access to sensitive data, limiting network connections, and utilizing a strong password policy.
  • Monitoring and Intrusion Detection: Implement security monitoring tools and intrusion detection systems to detect suspicious activity and identify potential attempts to exploit the vulnerability.
  • Security Awareness Training: Educate users about the risks posed by this vulnerability and reinforce best practices for data security and user accountability.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-47895 | Imagination Technologies Graphics DDK up to 24.2 RTM2 GPU Firmware out-of-range pointer offset
vuldb.com2025-01-13
CVE-2024-47895 | Imagination Technologies Graphics DDK up to 24.2 RTM2 GPU Firmware out-of-range pointer offset | A vulnerability, which was classified as critical, was found in Imagination Technologies Graphics DDK up to 24.2 RTM2. This affects an unknown part of the component GPU Firmware. The manipulation leads to use of out-of-range pointer offset. This vulnerability is uniquely identified as CVE-2024-47895<
vuldb.com
rss
forum
news

Social Media

CVE-2024-47895 (CVSS:7.1, HIGH) is Awaiting Analysis. Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outs..https://t.co/V1xTjgWXFb #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
0
0
1
CVE-2024-47895 Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory. https://t.co/GJjmEeEYl7
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
367425DC-4D06-4041-9650-C2DC6AAA27CEhttps://www.imaginationtech.com/gpu-driver-vulnerabilities/

CWE Details

CWE IDCWE NameDescription
CWE-823Use of Out-of-range Pointer OffsetThe program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence