CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-46395 – Android Arm Mali GPU Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2022-46395
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. • https://github.com/SmileTabLabo/CVE-2022-46395 http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-46891
https://notcve.org/view.php?id=CVE-2022-46891
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. Se descubrió un problema en el controlador del kernel de GPU Arm Mali. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVSS: 8.8EPSS: 60%CPEs: 5EXPL: 2CVE-2022-38181 – Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-38181
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. Un controlador del kernel de la GPU del correo de la familia de productos Arm versiones hasta 12-08-2022, permite a usuarios no privilegiados realizar operaciones de procesamiento de la GPU inapropiadas para conseguir acceso a la memoria ya liberada Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information. • http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-28348
https://notcve.org/view.php?id=CVE-2022-28348
Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation. Arm Mali GPU Kernel Driver (versiones Midgard r4p0 hasta r31p0, Bifrost r0p0 hasta r36p0 antes de r37p0, y Valhall r19p0 hasta r36p0 antes de r37p0) permite que las operaciones de memoria de la GPU inapropiadas lleguen a una situación de uso de memoria previamente liberada • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-44828
https://notcve.org/view.php?id=CVE-2021-44828
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes. El controlador del kernel de la GPU Arm Mali (Midgard versiones r26p0 hasta r30p0, Bifrost r0p0 a r34p0, y Valhall versiones r19p0 hasta r34p0) permite a un usuario no privilegiado conseguir acceso de escritura a la memoria de sólo lectura, y posiblemente alcanzar privilegios de root, corromper la memoria y modificar la memoria de otros procesos • https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver • CWE-787: Out-of-bounds Write •