CVE-2021-28663

Name of the Vulnerable Software and Affected Versions Arm Mali GPU kernel driver versions Bifrost r0p0 through r28p0 before r29p0 Arm Mali GPU kernel driver versions Valhall r19p0 through r28p0 before r29p0 Arm Mali GPU kernel driver versions Midgard r4p0 through r30p0

Description The issue is related to the mishandling of GPU memory operations, leading to a use-after-free condition. This can result in privilege escalation or information disclosure. An attacker may exploit this issue to gain unauthorized access to protected information or elevate their privileges. The vulnerability can be exploited by a remote attacker.

Recommendations For Bifrost r0p0 through r28p0, update to version r29p0 or later to resolve the issue. For Valhall r19p0 through r28p0, update to version r29p0 or later to resolve the issue. For Midgard r4p0 through r30p0, update to a version later than r30p0 to resolve the issue. As a temporary workaround, consider restricting access to the GPU kernel driver to minimize the risk of exploitation.