The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html | |
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | Vendor Advisory |
https://developer.arm.com/support/arm-security-updates | Vendor Advisory |
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/ | Exploit Third Party Advisory |
https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Dec 2023, 13:51
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:* | |
First Time |
Arm midgard Gpu Kernel Driver
|
12 Jun 2023, 07:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Mar 2023, 18:11
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/ - Exploit, Third Party Advisory | |
References | (MISC) https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/ - Exploit, Third Party Advisory |
23 Jan 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. | |
References |
|
28 Oct 2022, 19:00
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities - Vendor Advisory | |
References | (MISC) https://developer.arm.com/support/arm-security-updates - Vendor Advisory | |
CPE | cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:*:*:*:*:*:*:* cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:midguard_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:*:*:*:*:*:*:* |
|
First Time |
Arm valhall Gpu Kernel Driver
Arm Arm bifrost Gpu Kernel Driver Arm midguard Gpu Kernel Driver |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-416 |
25 Oct 2022, 19:36
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-25 19:15
Updated : 2023-12-13 13:51
NVD link : CVE-2022-38181
Mitre link : CVE-2022-38181
CVE.ORG link : CVE-2022-38181
JSON object : View
Products Affected
arm
- midgard_gpu_kernel_driver
- bifrost_gpu_kernel_driver
- valhall_gpu_kernel_driver
CWE
CWE-416
Use After Free