Use-after-free vulnerability in RGXBackingZSBuffer of rgxta3d.c allows for arbitrary code execution

Use-after-free vulnerability in RGXBackingZSBuffer of rgxta3d.c allows for arbitrary code execution

CVE-2023-21166 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Learn more about our User Device Pen Test.