{"vulnerability": "CVE-2022-33917", "sightings": [{"uuid": "ae035b46-eb3a-431b-9335-f960f8490441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "content": "", "creation_timestamp": "2022-11-22T21:05:00.000000Z"}, {"uuid": "8150d753-4aec-4ea0-aeea-5b60078a302a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/crackcodes/1544", "content": "\ud83d\udd25Mind the Gap \n\nThe week before FirstCon22, Maddie gave an internal preview of her talk(\"0-day In-the-Wild Exploitation in 2022\u2026so far\"). Inspired by the description of an in-the-wild vulnerability in low-level memory management code, fellow Project Zero researcher Jann Horn started auditing the ARM Mali GPU driver. Over the next three weeks, Jann found five more exploitable vulnerabilities (2325, 2327, 2331, 2333, 2334).\n\n\u26a0\ufe0fThe vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable.", "creation_timestamp": "2022-11-28T14:41:47.000000Z"}, {"uuid": "e1edffe1-ed13-474f-ac05-64b6b614c415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3742", "content": "\u0417\u0430\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u0437 \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u0434\u0435\u043b\u0430\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u043e\u0434\u0435\u043b\u0438 Google, Samsung, Xiaomi, Oppo, Vivo, Honor, Asus, RealMe, Motorola, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0430\u0440\u043e\u043a. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0447\u0438\u043f\u043e\u0432 Arm Mali \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c-\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f (OEM) \u043d\u0443\u0436\u043d\u043e \u0432\u0440\u0435\u043c\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0438\u0445 \u0432 \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u2014 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u0432\u0440\u0435\u043c\u044f \u0434\u043e \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0422\u0440\u0435\u0432\u043e\u0433\u0443 \u0437\u0430\u0431\u0438\u043b\u0438 Google Project Zero, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u00ab\u043f\u0440\u043e\u0431\u0435\u043b\u0435 \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445\u00bb.\n\nProject Zero \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  CVE-2022-33917 \u0438 CVE-2022-36449 (\u0441\u043e\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0432 \u0438\u044e\u043d\u0435 2022 \u0433\u043e\u0434\u0430.\n\nCVE-2022-33917 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 GPU \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0430\u043c \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Valhall r29p0 \u0434\u043e r38p0.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0412\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Midgard r4p0 \u0434\u043e r32p0, Bifrost \u043e\u0442 r0p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1 \u0438 Valhall \u043e\u0442 r19p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1.\n\n\u0414\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Mali \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0438\u043c\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438, \u043a\u0430\u043a MediaTek, HiSilicon Kirin \u0438 Exyno, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0440\u044b\u043d\u043a\u0435.\n\nProject Zero \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043a\u0430\u043a (2325, 2327, 2331, 2333 \u0438 2334) \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u044e\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Android.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0442 Arm \u0435\u0449\u0435 \u043d\u0435 \u0434\u043e\u0448\u043b\u043e \u0434\u043e OEM-\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 \u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 Pixel.\n\n\u0427\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c Android \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0432\u043e\u0438\u043c \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0431\u0443\u0434\u0443\u0442 \u0441\u0430\u043c\u0438 \u043d\u0435\u0441\u0442\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u0430 \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0436\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0434\u0435\u043b\u0430\u0442\u044c, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0442\u044c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u0438\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0432\u044b\u043a\u0430\u0442\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Midgard \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u0440\u043e\u0449\u0430\u0442\u044c\u0441\u044f \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0433\u0430\u0434\u0436\u0435\u0442\u0430\u043c\u0438.", "creation_timestamp": "2022-11-24T12:08:24.000000Z"}, {"uuid": "c7e271f8-00d3-4138-9056-ce134e5f719b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1471", "content": "#exploit\n1. CVE-2022-26696:\nmacOS Sandbox Escape vulnerability via Terminal\nhttps://wojciechregula.blog/post/macos-sandbox-escape-via-terminal\n\n2. CVE-2022-33917:\nArm Mali CSF: page freed while still mapped into host userspace due to VMA split mishandling\n]-&gt; https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2022-11-23T16:05:12.000000Z"}, {"uuid": "f3078ac3-b904-4fbc-9d53-4e88154f2908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/cibsecurity/47453", "content": "\u203c CVE-2022-33917 \u203c\n\nAn issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T02:18:11.000000Z"}, {"uuid": "3aa0ee5b-ebd4-4c84-837f-f65734068e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7224", "content": "#exploit\n1. CVE-2022-26696:\nmacOS Sandbox Escape vulnerability via Terminal\nhttps://wojciechregula.blog/post/macos-sandbox-escape-via-terminal\n\n2. CVE-2022-33917:\nArm Mali CSF: page freed while still mapped into host userspace due to VMA split mishandling\n]-&gt; https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2022-11-23T11:03:00.000000Z"}, {"uuid": "11b41a67-d396-46f1-9378-a23950739f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/androidMalware/1711", "content": "Vulnerability discovered in devices with a Mali GPU\nThe vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others) \nhttps://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2023-02-18T06:16:28.000000Z"}]}