CVE-2021-29256 - . The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, lead

CVE-2021-29256

Summary

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

References

https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver

Vulnerable Configurations

cpe:2.3:a:arm:bifrost:r16p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:r16p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:r30p0:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:r30p0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r28p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r28p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r30p0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r30p0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r30p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard:r30p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall:r19p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall:r19p0-01eac0:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall:r30p0:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall:r30p0:*:*:*:*:*:*:*

CVSS

Base:	9.0 (as of 08-06-2021 - 17:08)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

Last major update

08-06-2021 - 17:08

Published

24-05-2021 - 18:15

Last modified

08-06-2021 - 17:08