Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-36449

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.

Published

2022-09-01T03:15:16.050

Last Modified

2025-04-07T12:47:11.043

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arm	bifrost_gpu_kernel_driver	≤ r38p0	Yes
Application	arm	bifrost_gpu_kernel_driver	r39p0	Yes
Application	arm	midgard_gpu_kernel_driver	≤ r32p0	Yes
Application	arm	valhall_gpu_kernel_driver	≤ r38p0	Yes
Application	arm	valhall_gpu_kernel_driver	r39p0	Yes

References

http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html Third Party Advisory, VDB Entry ([email protected])
http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html Third Party Advisory, VDB Entry ([email protected])
http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html Third Party Advisory, VDB Entry ([email protected])
http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html Third Party Advisory, VDB Entry ([email protected])
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory ([email protected])
http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)