CVE-2024-46974
Published: 31 January 2025
Summary
CVE-2024-46974 is a high-severity Incorrect Privilege Assignment (CWE-266) vulnerability in Imaginationtech (inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 25.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SC-4 (Information in Shared System Resources).
Deeper analysis
CVE-2024-46974 affects the Imagination Technologies GPU driver, where software installed and run as a non-privileged user can conduct improper read/write operations on imported/exported DMA buffers. This vulnerability, published on 2025-01-31, is linked to CWE-266 (Incorrect Privilege Assignment for Critical Resource) and CWE-274 (Improper Handling of Insufficient Privileges or Quota). It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to significant impacts on confidentiality, integrity, and availability.
A local attacker with low privileges can exploit this issue through low-complexity means without requiring user interaction. Exploitation allows improper access to DMA buffers, potentially enabling arbitrary read/write operations that compromise system security, data exposure, modification of critical resources, or denial of service.
Imagination Technologies has issued an advisory detailing GPU driver vulnerabilities, including CVE-2024-46974, available at https://www.imaginationtech.com/gpu-driver-vulnerabilities/. Security practitioners should review this reference for specific patch information, mitigation steps, and affected driver versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42208
Vulnerability details
Software installed and run as a non-privileged user may conduct improper read/write operations on imported/exported DMA buffers.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Local low-priv DMA buffer R/W in kernel driver directly enables exploitation for privilege escalation to achieve arbitrary code execution and full system compromise.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates the CVE by requiring timely identification, reporting, and patching of the vulnerable Imagination Technologies GPU driver.
Enforces least privilege to prevent non-privileged user software from conducting improper read/write operations on critical DMA buffers.
Protects information in shared system resources like DMA buffers from unauthorized access and transfer by low-privileged users.