{"vulnerability": "CVE-2021-28664", "sightings": [{"uuid": "3847bb34-fa0f-4219-a241-fa5765548d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "0e483c25-1b2e-4af2-9331-3d365aa81713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "95c90426-3910-4976-916c-cd0bf57ad9bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "MISP/6ce6c946-ebd2-4185-9349-c6d62f7a4f01", "content": "", "creation_timestamp": "2024-11-14T06:09:01.000000Z"}, {"uuid": "6dd9cf1e-0440-4c2c-ad84-ef2656dbade0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971124", "content": "", "creation_timestamp": "2024-12-24T20:24:36.128416Z"}, {"uuid": "5144db4c-7a4a-40bc-9a22-056d1a5741a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:54.000000Z"}, {"uuid": "f42f25b5-85cd-4371-9c6e-c4b8ac780f04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-28664", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/eb59cea1-7647-4d4b-a9ac-157f73de8e8d", "content": "", "creation_timestamp": "2026-02-02T12:28:38.950508Z"}, {"uuid": "94b48467-241d-4f7e-a0ee-e7353df95a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "https://t.me/arpsyndicate/1361", "content": "#ExploitObserverAlert\n\nCVE-2021-28664\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-28664. The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.\n\nFIRST-EPSS: 0.004200000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-05T01:53:45.000000Z"}, {"uuid": "8f7e5689-19fb-4375-a1a5-03ccb578c10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "seen", "source": "https://t.me/androidMalware/1217", "content": "Four Android vulnerabilities patched earlier this month may be under limited, targeted exploitation (CVE-2021-1905, CVE-2021-1906, CVE-2021-28663, CVE-2021-28664)\nhttps://therecord.media/arm-and-qualcomm-zero-days-quietly-patched-in-this-months-android-security-updates/", "creation_timestamp": "2021-06-08T17:52:38.000000Z"}, {"uuid": "da22e3b4-79df-4858-86d3-48825437949a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-28664", "type": "exploited", "source": "https://t.me/androidMalware/1514", "content": "A Year in Review of 0-days Used In-the-Wild in 2021 by Google\nIn 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:\n - Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)\n - ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)\n - Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)\n\nFor the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:\n - IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)\n - XNU Kernel (CVE-2021-1782 & CVE-2021-30869)\n - CoreGraphics (CVE-2021-30860)\n - CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)\nhttps://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html", "creation_timestamp": "2022-04-27T11:03:23.000000Z"}]}