CVE Vulnerability

CVE-2022-42716

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory
http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html
Configurations

Configuration 1

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midguard_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
Information

Published : 2022-12-12 08:15

Updated : 2023-01-10 04:15

NVD link : CVE-2022-42716

Mitre link : CVE-2022-42716

Products Affected
No products.
CWE
CWE-416