CVE-2022-46395 – Android Arm Mali GPU Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2022-46395
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. • https://github.com/SmileTabLabo/CVE-2022-46395 http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities https://developer.arm.com/support/arm-security-updates • CWE-416: Use After Free •
CVE-2021-36647
https://notcve.org/view.php?id=CVE-2021-36647
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in bignum.c in Mbed TLS, in all versions before 3.0.0, 2.27.0 or 2.16.11, allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. • https://github.com/ARMmbed/mbedtls/releases https://kouzili.com/Load-Step.pdf https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-07-1 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2022-46891
https://notcve.org/view.php?id=CVE-2022-46891
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVE-2022-47630
https://notcve.org/view.php?id=CVE-2022-47630
Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state. • http://www.openwall.com/lists/oss-security/2023/01/16/8 https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html https://www.trustedfirmware.org/news • CWE-125: Out-of-bounds Read •
CVE-2022-48251
https://notcve.org/view.php?id=CVE-2022-48251
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture." • https://eprint.iacr.org/2022/230 https://eshard.com/posts/sca-attacks-on-armv8 • CWE-203: Observable Discrepancy •