Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-46395

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Published

2023-03-06T14:15:09.367

Last Modified

2024-11-21T07:30:30.913

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
CWE-416

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arm	avalon_gpu_kernel_driver	r41p0	Yes
Application	arm	bifrost_gpu_kernel_driver	≤ r41p0	Yes
Application	arm	midgard_gpu_kernel_driver	≤ r32p0	Yes
Application	arm	valhall_gpu_kernel_driver	≤ r41p0	Yes

References

http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html ([email protected])
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory ([email protected])
https://developer.arm.com/support/arm-security-updates Vendor Advisory ([email protected])
http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html (af854a3a-2127-422b-91ae-364da2661108)
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://developer.arm.com/support/arm-security-updates Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)