CVE-2024-47891
Published: 31 January 2025
Summary
CVE-2024-47891 is a high-severity Use After Free (CWE-416) vulnerability in Imaginationtech (inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 31.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-47891 is a use-after-free vulnerability (CWE-416) affecting GPU drivers from Imagination Technologies. The issue arises when software installed and run as a non-privileged user makes improper GPU system calls, triggering kernel exceptions. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-01-31.
A local attacker with low privileges can exploit this vulnerability through low-complexity attacks requiring no user interaction. Exploitation triggers kernel exceptions, enabling high-impact effects on confidentiality, integrity, and availability, such as potential kernel code execution or system denial of service.
Mitigation details are available in the vendor advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42884
Vulnerability details
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Use-after-free in GPU kernel driver allows local low-privileged user to trigger kernel exceptions and achieve code execution/DoS, directly mapping to exploitation for privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Flaw remediation directly mitigates the use-after-free vulnerability in Imagination Technologies GPU drivers by applying vendor-provided patches to prevent kernel exceptions from improper system calls.
Memory protection mechanisms such as address space layout randomization, data execution prevention, and kernel bounds checking comprehensively mitigate exploitation of the use-after-free vulnerability in GPU drivers.
Prohibiting user-installed software prevents local low-privilege attackers from deploying programs that make improper GPU system calls to trigger the kernel vulnerability.