CVE-2023-44216
Published: 27 September 2023
PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.
Notes
Author | Note |
---|---|
rodrigo-zaiden | GPU.zip blog posts claims that all GPUs are likely affected but none responded to it yet. added nvidia drivers tracking, but later updates will be necessary for a proper triage over nvidia and other GPUs. |
mdeslaur | some binary drivers are no longer support by NVidia, so they are marked as ignored here This CVE applied to Imagination hardware. While similar issues may apply to Nvidia, this CVE doesn't seem to be used for it, so marking nvidia packages as not-affected. |
Priority
Status
Package | Release | Status |
---|---|---|
nvidia-graphics-drivers-304 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Ignored
|
|
nvidia-graphics-drivers-304-updates Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-340 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Not vulnerable
(superseded)
|
|
lunar |
Not vulnerable
(superseded)
|
|
mantic |
Not vulnerable
(superseded)
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Ignored
|
|
nvidia-graphics-drivers-340-updates Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-352 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-352-updates Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-361 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-367 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-375 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
(superseded)
|
|
nvidia-graphics-drivers-384 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Ignored
(end of standard support)
|
|
upstream |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
nvidia-graphics-drivers-390 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-418-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-430 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-435 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-440 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-440-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-450 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-450-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-455 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-460 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-460-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-470 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-470-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-495 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
(superseded)
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-510 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Ignored
|
|
mantic |
Ignored
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-510-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
(superseded)
|
|
jammy |
Not vulnerable
(superseded)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
(superseded)
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-515 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-515-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-520 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Ignored
|
|
jammy |
Ignored
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-525 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-525-server Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-530 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
|
nvidia-graphics-drivers-535 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support)
|
focal |
Not vulnerable
|
|
jammy |
Not vulnerable
|
|
lunar |
Ignored
(end of life, was not-affected)
|
|
mantic |
Not vulnerable
|
|
trusty |
Does not exist
|
|
upstream |
Not vulnerable
|
|
xenial |
Does not exist
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.3 |
Attack vector | Network |
Attack complexity | High |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
References
- https://arstechnica.com/security/2023/09/gpus-from-all-major-suppliers-are-vulnerable-to-new-pixel-stealing-attack/
- https://blog.imaginationtech.com/introducing-pvric4-taking-image-compression-to-the-next-level/
- https://blog.imaginationtech.com/reducing-bandwidth-pvric/
- https://github.com/UT-Security/gpu-zip
- https://news.ycombinator.com/item?id=37663159
- https://www.hertzbleed.com/gpu.zip/
- https://www.hertzbleed.com/gpu.zip/GPU-zip.pdf
- https://www.w3.org/TR/filter-effects-1/
- https://www.cve.org/CVERecord?id=CVE-2023-44216
- NVD
- Launchpad
- Debian