Vulnerabilites related to arm - midgard_gpu_kernel_driver
Vulnerability from fkie_nvd
Published
2022-03-03 15:15
Modified
2025-04-07 13:09
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2023-04-20", cisaExploitAdd: "2023-03-30", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Arm Mali GPU Kernel Driver Unspecified Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2BC992EA-31B0-4668-97A7-DAB4FA569FC7", versionEndExcluding: "r36p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "7C54FBE2-F9B7-4C24-BD18-D63C429496C5", versionEndExcluding: "r32p0", versionStartIncluding: "r26p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E9B32BDE-B62B-4CB6-8551-236699541379", versionEndExcluding: "r36p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.", }, { lang: "es", value: "El controlador del kernel de la GPU Arm Mali permite a un usuario sin privilegios conseguir acceso de escritura a páginas de memoria de sólo lectura. Esto afecta a Midgard r26p0 hasta r31p0, Bifrost r0p0 hasta r35p0, y Valhall r19p0 hasta r35p0", }, ], id: "CVE-2022-22706", lastModified: "2025-04-07T13:09:05.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2022-03-03T15:15:08.610", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-06 16:15
Modified
2025-04-07 13:08
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2023-04-28", cisaExploitAdd: "2023-04-07", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Arm Mali GPU Kernel Driver Information Disclosure Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "574A1E71-2B1E-48D4-AA93-974B4E34C64F", versionEndExcluding: "r43p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "C7205027-9AE7-4095-B0A7-B1ECA71ACCAE", versionEndExcluding: "r43p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA04388-28FC-4F87-85F4-B7FD0B553611", versionEndIncluding: "r32p0", versionStartIncluding: "r6p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "38BF4620-6A5C-4034-8D17-BC1AC5F8C711", versionEndExcluding: "r43p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.", }, ], id: "CVE-2023-26083", lastModified: "2025-04-07T13:08:56.533", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-04-06T16:15:07.843", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.cybersecurity-help.cz/vdb/SB2023033049", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.cybersecurity-help.cz/vulnerabilities/74210/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cybersecurity-help.cz/vdb/SB2023033049", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cybersecurity-help.cz/vulnerabilities/74210/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-10 15:15
Modified
2025-04-03 19:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2021-11-17", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "D4A585CF-8557-4660-BD0B-EAE94D1BF8A2", versionEndExcluding: "r29p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "914DDE6A-9D92-46E2-BF0E-0E3FC58F6BF7", versionEndExcluding: "r31p0", versionStartIncluding: "r8p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "AA218DCD-3CAF-4A64-BE97-F7E4916D9C6F", versionEndExcluding: "r29p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.", }, { lang: "es", value: "El controlador del kernel de la GPU Arm Mali permite una escalada de privilegios o una denegación de servicio (corrupción de memoria) porque un usuario sin privilegios puede conseguir acceso de lectura/escritura a páginas de sólo lectura. Esto afecta a Bifrost r0p0 hasta r29p0 antes de r30p0, Valhall r19p0 hasta r29p0 antes de r30p0, y Midgard r8p0 hasta r30p0 antes de r31p0", }, ], id: "CVE-2021-28664", lastModified: "2025-04-03T19:15:16.123", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-05-10T15:15:07.590", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-24 18:15
Modified
2025-04-07 13:08
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2023-07-28", cisaExploitAdd: "2023-07-07", cisaRequiredAction: "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.", cisaVulnerabilityName: "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "D168CEB1-DAE6-4C9F-B101-C84CA7C0396D", versionEndExcluding: "r30p0", versionStartIncluding: "r16p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "EB12C4AB-50D7-49F7-A8C3-33A8629D3C96", versionEndExcluding: "r31p0", versionStartIncluding: "r28p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E9713B79-2EFF-49C1-8B8F-4CA969BA351E", versionEndExcluding: "r30p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: ". The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.", }, { lang: "es", value: "El controlador del kernel de la GPU Arm Mali, permite a un usuario no privilegiado acceder a la memoria liberada, conllevando a una divulgación de información o una escalada de privilegios de root. Esto afecta a Bifrost versiones r16p0 hasta r29p0 anteriores a r30p0, Valhall r19p0 hasta r29p0 anteriores a r30p0 y Midgard versiones r28p0 hasta r30p0", }, ], id: "CVE-2021-29256", lastModified: "2025-04-07T13:08:28.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-05-24T18:15:08.033", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-06 14:15
Modified
2024-11-21 07:30
Severity ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | avalon_gpu_kernel_driver | r41p0 | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:avalon_gpu_kernel_driver:r41p0:*:*:*:*:*:*:*", matchCriteriaId: "79276232-C7C9-434E-818E-9846F335F21D", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "711E2235-8C0F-4B8F-858F-E2EAAC124FA1", versionEndIncluding: "r41p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "94829287-8671-41ED-810B-D1560B65F4F7", versionEndIncluding: "r32p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2429D309-6700-447D-A068-F6F02DC6473B", versionEndIncluding: "r41p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.", }, ], id: "CVE-2022-46395", lastModified: "2024-11-21T07:30:30.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-03-06T14:15:09.367", references: [ { source: "cve@mitre.org", url: "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-02 00:15
Modified
2025-01-09 20:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | avalon_gpu_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:avalon_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "16AC01AB-58F9-4F1F-AC20-9439589365ED", versionEndExcluding: "r43p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "3A66F4A7-1C9B-4248-BE13-6A1219F844F9", versionEndExcluding: "r43p0", versionStartIncluding: "r17p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E377093B-C988-41E8-B7DD-317763661323", versionEndIncluding: "r32p0", versionStartIncluding: "r29p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "38BF4620-6A5C-4034-8D17-BC1AC5F8C711", versionEndExcluding: "r43p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.", }, ], id: "CVE-2023-28147", lastModified: "2025-01-09T20:15:32.090", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-02T00:15:09.620", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-10-01 18:15
Modified
2025-03-10 20:32
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2023-10-24", cisaExploitAdd: "2023-10-03", cisaRequiredAction: "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "574A1E71-2B1E-48D4-AA93-974B4E34C64F", versionEndExcluding: "r43p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "C7205027-9AE7-4095-B0A7-B1ECA71ACCAE", versionEndExcluding: "r43p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "16C78155-83B1-429D-9985-0327AD153FC6", versionEndIncluding: "r32p0", versionStartIncluding: "r12p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "38BF4620-6A5C-4034-8D17-BC1AC5F8C711", versionEndExcluding: "r43p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\n\n", }, { lang: "es", value: "Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada.", }, ], id: "CVE-2023-4211", lastModified: "2025-03-10T20:32:41.700", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-10-01T18:15:09.927", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-01 03:15
Modified
2025-04-07 12:47
Severity ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | r39p0 | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | r39p0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "16BAF891-CABF-421E-8D25-258A2D1B1DC7", versionEndIncluding: "r38p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", matchCriteriaId: "C5628A8D-18D5-4A0F-A474-13024A73F17F", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2DCE4808-EFC2-4BA7-83CF-BD98CAFBB029", versionEndIncluding: "r32p0", versionStartIncluding: "r4p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2D7A46F8-1503-4028-922F-643E5748CA0E", versionEndIncluding: "r38p0", versionStartIncluding: "r19p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", matchCriteriaId: "05471A20-62BC-4626-BE77-0902B098834E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.", }, { lang: "es", value: "Se ha detectado un problema en el controlador del kernel de la GPU Arm Mali. Un usuario no privilegiado puede realizar operaciones inapropiadas de procesamiento de la GPU para conseguir acceso a la memoria ya liberada, escribir una cantidad limitada fuera de límites del búfer o divulgar detalles de las asignaciones de memoria. Esto afecta a Midgard versiones r4p0 hasta r32p0, Bifrost versiones r0p0 hasta r38p0 y r39p0 anteriores a r38p1, y Valhall versiones r19p0 hasta r38p0 y r39p0 anteriores a r38p1", }, ], id: "CVE-2022-36449", lastModified: "2025-04-07T12:47:11.043", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-01T03:15:16.050", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-19 01:15
Modified
2024-11-21 06:57
Severity ?
Summary
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "B723BA71-B187-45DD-AC7C-FDAF9EC35C36", versionEndIncluding: "r36p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "A1AB50D5-AAC9-473D-B450-8275CB7E1676", versionEndIncluding: "r31p0", versionStartIncluding: "r4p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "4CA955FE-68D4-4F37-A5A3-0CE6F866DF14", versionEndIncluding: "r36p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.", }, { lang: "es", value: "Arm Mali GPU Kernel Driver (versiones Midgard r4p0 hasta r31p0, Bifrost r0p0 hasta r36p0 antes de r37p0, y Valhall r19p0 hasta r36p0 antes de r37p0) permite que las operaciones de memoria de la GPU inapropiadas lleguen a una situación de uso de memoria previamente liberada", }, ], id: "CVE-2022-28348", lastModified: "2024-11-21T06:57:11.327", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-19T01:15:06.803", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-04 10:15
Modified
2025-03-27 16:28
Severity ?
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "1CD584E0-3C44-465E-886B-8013B9A19AE4", versionEndExcluding: "r47p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "57E2549B-D658-48A8-9F8A-9F8BC6C11ECD", versionEndExcluding: "r19p0", versionStartIncluding: "r1p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "48B2F411-CC76-4D35-98DB-1CC997C36F84", versionEndIncluding: "r32p0", versionStartIncluding: "r13p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "EE6C157D-3028-4CAA-8A50-28A25BA93C8B", versionEndExcluding: "r47p0", versionStartIncluding: "r37p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n", }, { lang: "es", value: "Vulnerabilidad Use After Free en Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver permite a un usuario local sin privilegios explotar una condición de ejecución de software para realizar operaciones de procesamiento de memoria inadecuadas. Si el usuario prepara cuidadosamente la memoria del sistema y el sistema está bajo una carga pesada, esto a su vez provocará un Use After Free. Este problema afecta al controlador del kernel de GPU Midgard: de r13p0 a r32p0; Controlador del kernel de GPU Bifrost: desde r1p0 hasta r18p0; Controlador del kernel de GPU Valhall: desde r37p0 hasta r46p0; Controlador del kernel de arquitectura de GPU Arm de quinta generación: desde r41p0 hasta r46p0.", }, ], id: "CVE-2023-6143", lastModified: "2025-03-27T16:28:59.383", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-03-04T10:15:08.807", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-07 16:15
Modified
2024-11-21 08:34
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | mali_gpu_kernel_driver | r41p0 | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "711E2235-8C0F-4B8F-858F-E2EAAC124FA1", versionEndIncluding: "r41p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:mali_gpu_kernel_driver:r41p0:*:*:*:*:*:*:*", matchCriteriaId: "4B4EFDF6-BB81-48DF-BCC9-C22657E572AC", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "1B466A44-0367-4F71-ABF0-CB031338B7E6", versionEndIncluding: "r32p0", versionStartIncluding: "r8p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2429D309-6700-447D-A068-F6F02DC6473B", versionEndIncluding: "r41p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \n\n", }, { lang: "es", value: "Un usuario local sin privilegios puede realizar operaciones de procesamiento de GPU que expongan datos confidenciales de la memoria previamente liberada.", }, ], id: "CVE-2023-4272", lastModified: "2024-11-21T08:34:45.880", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-11-07T16:15:29.250", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, { lang: "en", value: "CWE-1251", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-25 19:15
Modified
2025-04-03 18:54
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | r39p0 | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | r39p0 |
{ cisaActionDue: "2023-04-20", cisaExploitAdd: "2023-03-30", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "822BBE31-6AD6-4C5A-A01C-0994215DD167", versionEndIncluding: "r38p1", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", matchCriteriaId: "C5628A8D-18D5-4A0F-A474-13024A73F17F", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "A1AB50D5-AAC9-473D-B450-8275CB7E1676", versionEndIncluding: "r31p0", versionStartIncluding: "r4p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "3DC17807-E62F-4601-BF21-E64DFA7AA3ED", versionEndIncluding: "r38p1", versionStartIncluding: "r19p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", matchCriteriaId: "05471A20-62BC-4626-BE77-0902B098834E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.", }, { lang: "es", value: "Un controlador del kernel de la GPU del correo de la familia de productos Arm versiones hasta 12-08-2022, permite a usuarios no privilegiados realizar operaciones de procesamiento de la GPU inapropiadas para conseguir acceso a la memoria ya liberada", }, ], id: "CVE-2022-38181", lastModified: "2025-04-03T18:54:52.257", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2022-10-25T19:15:11.487", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-04-19 09:15
Modified
2025-03-27 16:30
Severity ?
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "2A4F2BBC-9DB3-46E0-B2AB-F908DA18524F", versionEndExcluding: "r49p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "46F3A0D1-F30F-4E8A-8405-6FE659663A1D", versionEndExcluding: "r49p0", versionStartIncluding: "r7p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "B4BC6E4E-6F98-4250-B657-D8BE2FD342F6", versionEndIncluding: "r32p0", versionStartIncluding: "r19p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "7A09960D-30CA-4D4A-BC65-AD55E4BCAC07", versionEndExcluding: "r49p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.\n\n", }, { lang: "es", value: "Vulnerabilidad de Use After Free en Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver permite a un usuario local sin privilegios realizar operaciones de procesamiento de memoria GPU inadecuadas para obtener acceso a la memoria ya liberada. Este problema afecta al controlador del kernel de GPU Midgard: desde r19p0 hasta r32p0; Controlador del kernel de GPU Bifrost: desde r7p0 hasta r48p0; Controlador del kernel de GPU Valhall: desde r19p0 hasta r48p0; Controlador del kernel de arquitectura de GPU Arm de quinta generación: desde r41p0 hasta r48p0.", }, ], id: "CVE-2024-0671", lastModified: "2025-03-27T16:30:16.953", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 4.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-04-19T09:15:46.130", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-14 20:15
Modified
2024-11-21 06:31
Severity ?
Summary
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "1D875737-AF88-4E59-807A-08995F71DAB7", versionEndIncluding: "r34p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "0318AE85-85FD-4309-8E87-EF45E41B05E3", versionEndIncluding: "r30p0", versionStartIncluding: "r26p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "17A92ED6-097A-4A7E-AC3B-882BB90F0445", versionEndIncluding: "r34p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.", }, { lang: "es", value: "El controlador del kernel de la GPU Arm Mali (Midgard versiones r26p0 hasta r30p0, Bifrost r0p0 a r34p0, y Valhall versiones r19p0 hasta r34p0) permite a un usuario no privilegiado conseguir acceso de escritura a la memoria de sólo lectura, y posiblemente alcanzar privilegios de root, corromper la memoria y modificar la memoria de otros procesos", }, ], id: "CVE-2021-44828", lastModified: "2024-11-21T06:31:34.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-14T20:15:14.053", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-10 15:15
Modified
2025-03-14 17:09
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ cisaActionDue: "2021-11-17", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "D4A585CF-8557-4660-BD0B-EAE94D1BF8A2", versionEndExcluding: "r29p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "6E1FE39A-BD55-4C5F-BBAA-1138340F8329", versionEndExcluding: "r31p0", versionStartIncluding: "r4p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "AA218DCD-3CAF-4A64-BE97-F7E4916D9C6F", versionEndExcluding: "r29p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.", }, { lang: "es", value: "El controlador del kernel de Arm Mali GPU, permite una escalada de privilegios o una divulgación de información porque las operaciones de la memoria de la GPU son manejadas inapropiadamente, conllevando a un uso de la memoria previamente liberada. Esto afecta a Bifrost versiones r0p0 hasta r28p0, anteriores a r29p0, Valhall versiones r19p0 hasta r28p0 anteriores a r29p0 y Midgard versiones r4p0 hasta r30p0", }, ], id: "CVE-2021-28663", lastModified: "2025-03-14T17:09:07.347", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-05-10T15:15:07.557", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://github.com/lntrx/CVE-2021-28663", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://github.com/lntrx/CVE-2021-28663", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-03-04 13:15
Modified
2025-03-13 15:15
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "1CD584E0-3C44-465E-886B-8013B9A19AE4", versionEndExcluding: "r47p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "5FA2DB36-E877-47AC-AF64-180B7846A5F9", versionEndExcluding: "r26p0", versionStartIncluding: "r11p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "48B2F411-CC76-4D35-98DB-1CC997C36F84", versionEndIncluding: "r32p0", versionStartIncluding: "r13p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "BF5A1114-306D-40E7-B92C-F81166BAEE5F", versionEndExcluding: "r26p0", versionStartIncluding: "r19p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E0CA2690-26AA-4B23-91F8-D3649510242F", versionEndExcluding: "r47p0", versionStartIncluding: "r29p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n", }, { lang: "es", value: "Vulnerabilidad de Use After Free en Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver permite a un usuario local sin privilegios explotar una condición de ejecución de software para realizar operaciones de procesamiento de memoria inadecuadas. Si el usuario prepara cuidadosamente la memoria del sistema, esto a su vez provocará un Use After Free. Este problema afecta al controlador del kernel de GPU Midgard: de r13p0 a r32p0; Controlador del kernel de GPU Bifrost: desde r11p0 hasta r25p0; Controlador del kernel de GPU Valhall: de r19p0 a r25p0, de r29p0 a r46p0; Controlador del kernel de arquitectura de GPU Arm de quinta generación: desde r41p0 hasta r46p0.", }, ], id: "CVE-2023-6241", lastModified: "2025-03-13T15:15:39.600", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-03-04T13:15:43.807", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-12-04 12:15
Modified
2024-11-21 08:04
Severity ?
Summary
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | 5th_gen_gpu_architecture_kernel_driver | * | |
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "D22E3777-E2DF-450F-B233-57526577B53E", versionEndIncluding: "r44p0", versionStartIncluding: "r41p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "F4D0C80F-06B5-412E-A155-CDAB45239750", versionEndIncluding: "r44p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "94829287-8671-41ED-810B-D1560B65F4F7", versionEndIncluding: "r32p0", versionStartIncluding: "r0p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "BC7426FE-1B98-4B7E-AE5F-C8C3C2DD4203", versionEndIncluding: "r44p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.\n\n", }, { lang: "es", value: "Vulnerabilidad de escritura fuera de los límites en Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver permite a un usuario local sin privilegios escribir un patrón constante a una cantidad limitada de memoria no asignada por el controlador de espacio de usuario. Este problema afecta a: Midgard GPU Userspace Driver: de r0p0 a r32p0; Bifrost GPU Userspace Driver: de r0p0 a r44p0; Valhall GPU Userspace Driver: desde r19p0 hasta r44p0; Arm 5th Gen GPU Architecture Userspace Driver: desde r41p0 hasta r44p0.", }, ], id: "CVE-2023-32804", lastModified: "2024-11-21T08:04:03.597", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-04T12:15:07.570", references: [ { source: "arm-security@arm.com", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "arm-security@arm.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "arm-security@arm.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-17 08:15
Modified
2024-11-21 07:31
Severity ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | * | |
| arm | midgard_gpu_kernel_driver | * | |
| arm | valhall_gpu_kernel_driver | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "48F069A5-6E3A-4E30-A69A-CCA50D66E8B0", versionEndIncluding: "r40p0", versionStartIncluding: "r1p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "48B2F411-CC76-4D35-98DB-1CC997C36F84", versionEndIncluding: "r32p0", versionStartIncluding: "r13p0", vulnerable: true, }, { criteria: "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", matchCriteriaId: "E6BB9E6B-1620-486F-98C5-397292AA1EB4", versionEndIncluding: "r40p0", versionStartIncluding: "r19p0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.", }, { lang: "es", value: "Se descubrió un problema en el controlador del kernel de GPU Arm Mali. Hay un use-after-free. Un usuario sin privilegios puede realizar operaciones de procesamiento de GPU incorrectas para obtener acceso a la memoria ya liberada. Esto afecta a Midgard r13p0 a r32p0, Bifrost r1p0 a r40p0 y Valhall r19p0 a r40p0.", }, ], id: "CVE-2022-46891", lastModified: "2024-11-21T07:31:15.453", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-17T08:15:10.453", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2023-4272
Vulnerability from cvelistv5
Published
2023-11-07 15:18
Modified
2024-09-04 19:35
Severity ?
EPSS score ?
Summary
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Kernel Driver |
Version: r8p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:24:04.581Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-4272", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-04T19:32:51.694412Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-04T19:35:16.534Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r8p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r42p0", status: "unaffected", }, ], lessThan: "r42p0", status: "affected", version: "r0p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r42p0", status: "unaffected", }, ], lessThan: "r42p0", status: "affected", version: "r19p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r42p0", status: "unaffected", }, ], lessThan: "r42p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Jann Horn at Google", }, ], datePublic: "2023-11-07T11:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. </p>", }, ], value: "A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. \n\n", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1251", description: "CWE-1251 Mirrored Regions with Different Values", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-200", description: "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T22:37:50.042Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], source: { discovery: "EXTERNAL", }, title: "Mali GPU Kernel Driver exposes sensitive data from freed memory", x_generator: { engine: "Vulnogram 0.1.0-dev", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "arm-security@arm.com", ID: "CVE-2023-4272", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Mali GPU Kernel Driver", version: { version_data: [ { version_value: "Midgard GPU Kernel Driver", }, ], }, }, ], }, vendor_name: "Arm Ltd", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "5.0", description: { description_data: [ { lang: "eng", value: "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Mali GPU Kernel Driver exposes sensitive data from freed memory", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", refsource: "MISC", url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2023-4272", datePublished: "2023-11-07T15:18:59.203Z", dateReserved: "2023-08-09T12:41:30.877Z", dateUpdated: "2024-09-04T19:35:16.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-29256
Vulnerability from cvelistv5
Published
2021-05-24 17:56
Modified
2025-02-04 19:44
Severity ?
EPSS score ?
Summary
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T22:02:51.225Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-29256", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-04T19:43:25.118908Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-07-07", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-29256", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-04T19:44:44.324Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: ". The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-24T17:56:27.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-29256", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: ". The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", refsource: "CONFIRM", url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-29256", datePublished: "2021-05-24T17:56:27.000Z", dateReserved: "2021-03-26T00:00:00.000Z", dateUpdated: "2025-02-04T19:44:44.324Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0671
Vulnerability from cvelistv5
Published
2024-04-19 08:50
Modified
2024-08-01 18:11
Severity ?
EPSS score ?
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Kernel Driver |
Version: r19p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r41p0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "5th_gen_gpu_architecture_kernel_driver", vendor: "arm", versions: [ { status: "affected", version: "r41p0", }, ], }, { cpes: [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r19p0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "valhall_gpu_kernel_driver", vendor: "arm", versions: [ { status: "affected", version: "r19p0", }, ], }, { cpes: [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "bifrost_gpu_kernel_driver", vendor: "arm", versions: [ { status: "affected", version: "r7p0", }, ], }, { cpes: [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "midgard_gpu_kernel_driver", vendor: "arm", versions: [ { status: "affected", version: "r19p0", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2024-0671", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-22T20:28:22.504871Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:58:24.775Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:11:35.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r19p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r49p0", status: "unaffected", }, ], lessThanOrEqual: "r48p0", status: "affected", version: "r7p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r49p0", status: "unaffected", }, ], lessThanOrEqual: "r48p0", status: "affected", version: "r19p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r49p0", status: "unaffected", }, ], lessThanOrEqual: "r48p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], datePublic: "2024-04-19T08:50:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.<p>This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.</p>", }, ], value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.\n\n", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-04-19T08:50:56.342Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.<br>", }, ], value: "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.\n", }, ], source: { discovery: "UNKNOWN", }, title: "Mali GPU Kernel Driver allows improper GPU memory processing operations", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2024-0671", datePublished: "2024-04-19T08:50:56.342Z", dateReserved: "2024-01-18T10:10:48.946Z", dateUpdated: "2024-08-01T18:11:35.717Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-26083
Vulnerability from cvelistv5
Published
2023-04-06 00:00
Modified
2025-02-03 14:19
Severity ?
EPSS score ?
Summary
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:39:06.625Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { tags: [ "x_transferred", ], url: "https://www.cybersecurity-help.cz/vdb/SB2023033049", }, { tags: [ "x_transferred", ], url: "https://www.cybersecurity-help.cz/vulnerabilities/74210/", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-26083", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-01-19T17:57:15.442432Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-04-07", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-26083", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-03T14:19:37.820Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-06T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { url: "https://www.cybersecurity-help.cz/vdb/SB2023033049", }, { url: "https://www.cybersecurity-help.cz/vulnerabilities/74210/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-26083", datePublished: "2023-04-06T00:00:00.000Z", dateReserved: "2023-02-20T00:00:00.000Z", dateUpdated: "2025-02-03T14:19:37.820Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32804
Vulnerability from cvelistv5
Published
2023-12-04 11:54
Modified
2024-08-28 17:51
Severity ?
EPSS score ?
Summary
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Userspace Driver |
Version: r0p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:25:37.058Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-32804", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-28T17:51:14.895651Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T17:51:38.564Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Userspace Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r0p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Userspace Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r44p1", status: "unaffected", }, ], lessThanOrEqual: "r44p0", status: "affected", version: "r0p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Userspace Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r44p1", status: "unaffected", }, ], lessThanOrEqual: "r44p0", status: "affected", version: "r19p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Userspace Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r44p1", status: "unaffected", }, ], lessThanOrEqual: "r44p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], datePublic: "2023-12-04T11:17:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.<p>This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.</p>", }, ], value: "Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.\n\n", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-04T11:54:52.044Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Userspace Driver r44p1 and r45p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.", }, ], value: "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Userspace Driver r44p1 and r45p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.", }, ], source: { discovery: "EXTERNAL", }, title: "Mali GPU Userspace Driver can make an Out-of-Bounds access", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2023-32804", datePublished: "2023-12-04T11:54:52.044Z", dateReserved: "2023-05-15T15:01:22.350Z", dateUpdated: "2024-08-28T17:51:38.564Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6143
Vulnerability from cvelistv5
Published
2024-03-04 09:54
Modified
2024-08-28 19:03
Severity ?
EPSS score ?
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Kernel Driver |
Version: r13p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:21:17.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "midgard_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r13p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "bifrost_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r18p0", status: "affected", version: "r1p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "valhall_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r46p0", status: "affected", version: "r37p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "5th_gen_gpu_architecture_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r46p0", status: "affected", version: "r41p0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-6143", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-10T04:00:33.950770Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T19:03:56.048Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r13p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r19p0", status: "unaffected", }, ], lessThanOrEqual: "r18p0", status: "affected", version: "r1p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r47p0", status: "unaffected", }, ], lessThanOrEqual: "r46p0", status: "affected", version: "r37p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r47p0", status: "unaffected", }, ], lessThanOrEqual: "r46p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], datePublic: "2024-03-04T09:53:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.<p>This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.</p>", }, ], value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-04T09:54:23.132Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in the Bifrost Kernel Driver in r19p0, in the Valhall and Arm 5th Gen GPU Architecture Kernel Drivers in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.<br>", }, ], value: "This issue is fixed in the Bifrost Kernel Driver in r19p0, in the Valhall and Arm 5th Gen GPU Architecture Kernel Drivers in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\n", }, ], source: { discovery: "UNKNOWN", }, title: "Mali GPU Kernel Driver allows improper GPU memory processing operations", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2023-6143", datePublished: "2024-03-04T09:54:23.132Z", dateReserved: "2023-11-14T23:48:11.625Z", dateUpdated: "2024-08-28T19:03:56.048Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6241
Vulnerability from cvelistv5
Published
2024-03-04 12:15
Modified
2025-03-13 14:35
Severity ?
EPSS score ?
Summary
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Kernel Driver |
Version: r13p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:21:17.931Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "midgard_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r13p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "bifrost_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r25p0", status: "affected", version: "r11p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "valhall_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r25p0", status: "affected", version: "r19p0", versionType: "custom", }, { lessThanOrEqual: "r46p0", status: "affected", version: "r29p0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "5th_gen_gpu_architecture_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r46p0", status: "affected", version: "r41p0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-6241", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-09T04:00:50.591116Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-13T14:35:52.185Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r13p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r26p0", status: "unaffected", }, ], lessThanOrEqual: "r25p0", status: "affected", version: "r11p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r26p0", status: "unaffected", }, ], lessThanOrEqual: "r25p0", status: "affected", version: "r19p0", versionType: "patch", }, { changes: [ { at: "r47p0", status: "unaffected", }, ], lessThanOrEqual: "r46p0", status: "affected", version: "r29p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Kernel Driver", vendor: "Arm Ltd", versions: [ { changes: [ { at: "r47p0", status: "unaffected", }, ], lessThanOrEqual: "r46p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Man Yue Mo of GitHub Security Lab", }, ], datePublic: "2024-03-04T12:15:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.<p>This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.</p>", }, ], value: "Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-04T12:15:58.212Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in the Bifrost Kernel Driver in r26p0, in the Valhall Kernel Driver in releases r26p0 and r47p0, and in the Arm 5th Gen GPU Architecture Kernel Driver in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.<br>", }, ], value: "This issue is fixed in the Bifrost Kernel Driver in r26p0, in the Valhall Kernel Driver in releases r26p0 and r47p0, and in the Arm 5th Gen GPU Architecture Kernel Driver in r47p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs.\n", }, ], source: { discovery: "UNKNOWN", }, title: "Mali GPU Kernel Driver allows improper GPU memory processing operations", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2023-6241", datePublished: "2024-03-04T12:15:58.212Z", dateReserved: "2023-11-21T13:54:23.398Z", dateUpdated: "2025-03-13T14:35:52.185Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46891
Vulnerability from cvelistv5
Published
2023-01-17 00:00
Modified
2024-11-27 15:10
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:27.740Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-46891", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2023-12-20T17:32:35.513596Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-27T15:10:12.945Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-17T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-46891", datePublished: "2023-01-17T00:00:00", dateReserved: "2022-12-09T00:00:00", dateUpdated: "2024-11-27T15:10:12.945Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-4211
Vulnerability from cvelistv5
Published
2023-10-01 17:00
Modified
2025-02-04 14:08
Severity ?
EPSS score ?
Summary
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Arm Ltd | Midgard GPU Kernel Driver |
Version: r12p0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:17:12.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-4211", options: [ { Exploitation: "Active", }, { Automatable: "No", }, { "Technical Impact": "Total", }, ], role: "CISA Coordinator", timestamp: "2023-11-15T16:37:52.728085Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-10-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-4211", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-04T14:08:40.152Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Midgard GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r32p0", status: "affected", version: "r12p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Bifrost GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r42p0", status: "affected", version: "r0p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Valhall GPU Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r42p0", status: "affected", version: "r19p0", versionType: "patch", }, ], }, { defaultStatus: "unaffected", product: "Arm 5th Gen GPU Architecture Kernel Driver", vendor: "Arm Ltd", versions: [ { lessThanOrEqual: "r42p0", status: "affected", version: "r41p0", versionType: "patch", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Maddie Stone, Google Threat Analysis Group ", }, { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Jann Horn, Google Project Zero", }, ], datePublic: "2023-10-01T10:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.</p>", }, ], value: "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.\n\n", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233 Privilege Escalation", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use after free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-04T16:35:12.961Z", orgId: "56a131ea-b967-4a0d-a41e-5f3549952846", shortName: "Arm", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], source: { discovery: "EXTERNAL", }, title: "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations", x_generator: { engine: "Vulnogram 0.1.0-dev", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "arm-security@arm.com", ID: "CVE-2023-4211", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Mali GPU Kernel Driver", version: { version_data: [ { version_value: "Midgard GPU Kernel Driver", }, ], }, }, ], }, vendor_name: "Arm Ltd", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "5.0", description: { description_data: [ { lang: "eng", value: "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", refsource: "MISC", url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "56a131ea-b967-4a0d-a41e-5f3549952846", assignerShortName: "Arm", cveId: "CVE-2023-4211", datePublished: "2023-10-01T17:00:27.113Z", dateReserved: "2023-08-07T15:24:51.156Z", dateUpdated: "2025-02-04T14:08:40.152Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-28348
Vulnerability from cvelistv5
Published
2022-05-19 01:01
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://developer.arm.com/support/arm-security-updates | x_refsource_MISC | |
| https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:56:14.891Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-19T01:01:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-28348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/support/arm-security-updates", refsource: "MISC", url: "https://developer.arm.com/support/arm-security-updates", }, { name: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", refsource: "CONFIRM", url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-28348", datePublished: "2022-05-19T01:01:06", dateReserved: "2022-04-02T00:00:00", dateUpdated: "2024-08-03T05:56:14.891Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22706
Vulnerability from cvelistv5
Published
2022-03-03 14:27
Modified
2025-01-29 16:39
Severity ?
EPSS score ?
Summary
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.
References
| ▼ | URL | Tags |
|---|---|---|
| https://developer.arm.com/support/arm-security-updates | x_refsource_MISC | |
| https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:49.012Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-22706", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-29T16:39:32.254424Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-03-30", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-22706", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-29T16:39:34.824Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-22T13:58:40.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_refsource_MISC", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-22706", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/support/arm-security-updates", refsource: "MISC", url: "https://developer.arm.com/support/arm-security-updates", }, { name: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", refsource: "MISC", url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-22706", datePublished: "2022-03-03T14:27:54.000Z", dateReserved: "2022-01-06T00:00:00.000Z", dateUpdated: "2025-01-29T16:39:34.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-36449
Vulnerability from cvelistv5
Published
2022-09-01 02:50
Modified
2024-08-03 10:07
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:07:33.946Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-20T15:06:32", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-36449", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", refsource: "MISC", url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { name: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html", }, { name: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html", }, { name: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html", }, { name: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-36449", datePublished: "2022-09-01T02:50:37", dateReserved: "2022-07-25T00:00:00", dateUpdated: "2024-08-03T10:07:33.946Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44828
Vulnerability from cvelistv5
Published
2022-01-14 19:49
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:32:13.045Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-14T19:49:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-44828", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", refsource: "MISC", url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-44828", datePublished: "2022-01-14T19:49:05", dateReserved: "2021-12-11T00:00:00", dateUpdated: "2024-08-04T04:32:13.045Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28664
Vulnerability from cvelistv5
Published
2021-05-10 00:00
Modified
2025-02-03 14:36
Severity ?
EPSS score ?
Summary
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:47:33.056Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-28664", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T14:36:45.829744Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-28664", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-03T14:36:49.770Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-27T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/support/arm-security-updates", }, { url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28664", datePublished: "2021-05-10T00:00:00.000Z", dateReserved: "2021-03-18T00:00:00.000Z", dateUpdated: "2025-02-03T14:36:49.770Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28147
Vulnerability from cvelistv5
Published
2023-06-01 00:00
Modified
2025-01-09 19:34
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T12:30:24.153Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-28147", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-09T19:33:43.981183Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { description: "CWE-noinfo Not enough information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-09T19:34:08.975Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-01T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-28147", datePublished: "2023-06-01T00:00:00", dateReserved: "2023-03-12T00:00:00", dateUpdated: "2025-01-09T19:34:08.975Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46395
Vulnerability from cvelistv5
Published
2023-03-06 00:00
Modified
2024-11-27 14:56
Severity ?
EPSS score ?
Summary
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:31:46.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-46395", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-27T14:56:10.271182Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-27T14:56:20.905Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/support/arm-security-updates", }, { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { url: "http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-46395", datePublished: "2023-03-06T00:00:00", dateReserved: "2022-12-04T00:00:00", dateUpdated: "2024-11-27T14:56:20.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-28663
Vulnerability from cvelistv5
Published
2021-05-10 00:00
Modified
2024-08-03 21:47
Severity ?
EPSS score ?
Summary
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "bifrost_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r28p0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "valhall_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r28p0", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:arm:midgard_gpu_kernel_driver:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "midgard_gpu_kernel_driver", vendor: "arm", versions: [ { lessThanOrEqual: "r30p0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-28663", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-24T20:58:41.342252Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-28663", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-24T21:02:17.628Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T21:47:33.122Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { tags: [ "x_transferred", ], url: "https://github.com/lntrx/CVE-2021-28663", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/support/arm-security-updates", }, { url: "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", }, { url: "https://github.com/lntrx/CVE-2021-28663", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-28663", datePublished: "2021-05-10T00:00:00", dateReserved: "2021-03-18T00:00:00", dateUpdated: "2024-08-03T21:47:33.122Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-38181
Vulnerability from cvelistv5
Published
2022-10-25 00:00
Modified
2025-02-03 14:32
Severity ?
EPSS score ?
Summary
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:45:52.948Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://developer.arm.com/support/arm-security-updates", }, { tags: [ "x_transferred", ], url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { tags: [ "x_transferred", ], url: "https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/", }, { tags: [ "x_transferred", ], url: "https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-38181", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-03T14:32:24.641082Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2023-03-30", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-38181", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-03T14:32:30.197Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T00:00:00.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://developer.arm.com/support/arm-security-updates", }, { url: "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", }, { url: "https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/", }, { url: "https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/", }, { url: "http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-38181", datePublished: "2022-10-25T00:00:00.000Z", dateReserved: "2022-08-12T00:00:00.000Z", dateUpdated: "2025-02-03T14:32:30.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }