CVE-2021-28664

Name of the Vulnerable Software and Affected Versions Arm Mali Graphics Processing Unit (GPU) versions Bifrost r0p0 through r29p0 before r30p0 Arm Mali Graphics Processing Unit (GPU) versions Valhall r19p0 through r29p0 before r30p0 Arm Mali Graphics Processing Unit (GPU) versions Midgard r8p0 through r30p0 before r31p0

Description The issue is related to insufficient access control in the Arm Mali Graphics Processing Unit (GPU) driver, based on Midgard, Bifrost, and Valhall architectures. Exploitation of this issue may allow a remote attacker to escalate privileges, gain unauthorized access to protected information, or cause a denial of service. The vulnerability is due to an unprivileged user being able to achieve read/write access to read-only pages, potentially leading to memory corruption.

Recommendations For Bifrost r0p0 through r29p0 before r30p0, update to version r30p0 or later to resolve the issue. For Valhall r19p0 through r29p0 before r30p0, update to version r30p0 or later to resolve the issue. For Midgard r8p0 through r30p0 before r31p0, update to version r31p0 or later to resolve the issue. As a temporary workaround, consider restricting access to the kernel driver to minimize the risk of exploitation.