{"uuid": "8150d753-4aec-4ea0-aeea-5b60078a302a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/crackcodes/1544", "content": "\ud83d\udd25Mind the Gap \n\nThe week before FirstCon22, Maddie gave an internal preview of her talk(\"0-day In-the-Wild Exploitation in 2022\u2026so far\"). Inspired by the description of an in-the-wild vulnerability in low-level memory management code, fellow Project Zero researcher Jann Horn started auditing the ARM Mali GPU driver. Over the next three weeks, Jann found five more exploitable vulnerabilities (2325, 2327, 2331, 2333, 2334).\n\n\u26a0\ufe0fThe vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable.", "creation_timestamp": "2022-11-28T14:41:47.000000Z"}