CVE-2023-44216

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 27, 2023

Updated: Oct 5, 2023

CWE ID 203

Summary

CVE-2023-44216 is a newly disclosed vulnerability affecting the PowerVR Image Compression (PVRIC) component on Imagination 2018 and later GPU devices. This issue enables cross-origin pixel-stealing attacks against the feTurbulence and feBlend filters in the SVG (Scalable Vector Graphics) specification. By controlling a resource from a different origin, attackers can potentially determine text content on a web page, making it a significant security concern for browsers and other applications utilizing these GPUs.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
MacOS
Ubuntu Linux

Affected Vendors

Google
Apple
Canonical System

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/szdZYE
https://www.cve.org/CVERecord?id=CVE-2023-44216
https://nvd.nist.gov/vuln/detail/CVE-2023-44216

Back to Vulnerability Database