CVE-2023-44216

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 27, 2023
Updated: Oct 5, 2023
CWE ID 203

Summary

CVE-2023-44216 is a newly disclosed vulnerability affecting the PowerVR Image Compression (PVRIC) component on Imagination 2018 and later GPU devices. This issue enables cross-origin pixel-stealing attacks against the feTurbulence and feBlend filters in the SVG (Scalable Vector Graphics) specification. By controlling a resource from a different origin, attackers can potentially determine text content on a web page, making it a significant security concern for browsers and other applications utilizing these GPUs.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Android
  • MacOS
  • Ubuntu Linux

Affected Vendors

  • Google
  • Apple
  • Canonical System