PT-2022-6367 · Arm · Arm Mali Gpu Kernel Driver
Published
2022-12-09
·
Updated
2023-12-14
·
CVE-2022-46891
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Arm Mali GPU Kernel Driver versions Midgard r13p0 through r32p0
Arm Mali GPU Kernel Driver versions Bifrost r1p0 through r40p0
Arm Mali GPU Kernel Driver versions Valhall r19p0 through r40p0
Description
A non-privileged user can make improper GPU processing operations to gain access to already freed memory due to a use-after-free issue in the Arm Mali GPU Kernel Driver. This issue may allow a remote attacker to execute arbitrary code.
Recommendations
For Arm Mali GPU Kernel Driver versions Midgard r13p0 through r32p0, update to a version that fixes the use-after-free issue.
For Arm Mali GPU Kernel Driver versions Bifrost r1p0 through r40p0, update to a version that fixes the use-after-free issue.
For Arm Mali GPU Kernel Driver versions Valhall r19p0 through r40p0, update to a version that fixes the use-after-free issue.
As a temporary workaround, consider restricting access to the GPU processing operations until a patch is available.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arm Mali Gpu Kernel Driver