CVE-2022-38181 – Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-38181
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. Un controlador del kernel de la GPU del correo de la familia de productos Arm versiones hasta 12-08-2022, permite a usuarios no privilegiados realizar operaciones de procesamiento de la GPU inapropiadas para conseguir acceso a la memoria ya liberada Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information. • http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali • CWE-416: Use After Free •
CVE-2022-36449 – Arm Mali CSF Missing Buffer Size Check
https://notcve.org/view.php?id=CVE-2022-36449
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1. Se ha detectado un problema en el controlador del kernel de la GPU Arm Mali. Un usuario no privilegiado puede realizar operaciones inapropiadas de procesamiento de la GPU para conseguir acceso a la memoria ya liberada, escribir una cantidad limitada fuera de límites del búfer o divulgar detalles de las asignaciones de memoria. • http://packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html http://packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html http://packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html http://packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2022-33917 – Arm Mali CSF VMA Split Mishandling
https://notcve.org/view.php?id=CVE-2022-33917
An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory. Se ha detectado un problema en el controlador del kernel de la GPU Arm Mali (versiones Valhall r29p0 hasta r38p0). Un usuario no privilegiados puede realizar operaciones incorrectas de procesamiento de la GPU para conseguir acceso a la memoria ya liberada • http://packetstormsecurity.com/files/168147/Arm-Mali-CSF-VMA-Split-Mishandling.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities •
CVE-2022-35409
https://notcve.org/view.php?id=CVE-2022-35409
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. Se ha descubierto un problema en Mbed TLS antes de la versión 2.28.1 y 3.x antes de la 3.2.0. • https://github.com/Mbed-TLS/mbedtls/releases https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://mbed-tls.readthedocs.io/en/latest/security-advisories/advisories/mbedtls-security-advisory-2022-07.html • CWE-125: Out-of-bounds Read •
CVE-2022-28349
https://notcve.org/view.php?id=CVE-2022-28349
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. Arm Mali GPU Kernel Driver presenta una situación de uso de memoria previamente liberada: versiones Midgard r28p0 hasta r29p0 anteriores a r30p0, Bifrost r17p0 hasta r23p0 anteriores a r24p0, y Valhall r19p0 hasta r23p0 anteriores a r24p0 • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates • CWE-416: Use After Free •