CVE-2023-44216

Published Sep 27, 2023

Last updated a year ago

CVSS medium 5.3

Overview

Description: PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 3.6
Exploitability score: 1.6
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-203

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_7_4800u:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D1E9A6F-7339-4679-B83B-87BC1BEEFA16"
          },
          {
            "criteria": "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "494A828B-F2BF-40CA-AAFB-7D2AF2BAF3AA"
          },
          {
            "criteria": "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEF502AE-BD3F-461B-9476-FB04818DA1F2"
          },
          {
            "criteria": "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04076FFA-D74F-4501-9921-D8EBDF97CD20"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:professional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45ED814C-867A-4365-BE5F-4139DF1A60F6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D974FFFD-BBCC-444C-9EF1-AE478EEDB6E2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11:-:*:*:*:home:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA83E0AD-5158-4BE3-9DF7-1803D4E70292"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2FDB568-5340-4DD8-B933-1CD64C370BD6"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_rtx_3060:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCBCF01F-EA62-4733-9E6D-E72439C4B65A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:pro:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F43060F-72D2-4417-A495-49D62044EC8D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:amd:ryzen_5_7600x:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C05D51F-469D-487D-9FC8-E1AD699A6F74"
          },
          {
            "criteria": "cpe:2.3:h:nvidia:geforce_rtx_2080_super:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "633AB383-A5D6-4F0F-A973-FE777117A856"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:macos:13.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D95E6469-A678-47A5-A162-259FE0325CA7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:apple:m1_mac_mini:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F186A650-BC3B-4D43-B177-DC98BFD82DD2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:google:pixel_6:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C27C4FD0-E67A-4D54-A00A-BDD59AAABB4F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References