An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html | Third Party Advisory VDB Entry |
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | Vendor Advisory |
Configurations
History
14 Dec 2023, 20:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* |
01 Mar 2023, 15:08
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html - Third Party Advisory, VDB Entry |
10 Jan 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Dec 2022, 14:03
Type | Values Removed | Values Added |
---|---|---|
First Time |
Arm
Arm midguard Gpu Kernel Driver Arm valhall Gpu Kernel Driver Arm bifrost Gpu Kernel Driver |
|
References | (MISC) https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities - Vendor Advisory | |
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:arm:midguard_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:* cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* |
14 Dec 2022, 01:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0. |
12 Dec 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-12 20:15
Updated : 2023-12-14 20:02
NVD link : CVE-2022-42716
Mitre link : CVE-2022-42716
CVE.ORG link : CVE-2022-42716
JSON object : View
Products Affected
arm
- valhall_gpu_kernel_driver
CWE
CWE-416
Use After Free