Improper Memory Operations in Arm Mali GPU Kernel Driver
CVE-2022-28348

9.8CRITICAL

Key Information:

Vendor: Arm
Status: Midguard Gpu Kernel Driver; Bifrost Gpu Kernel Driver; Valhall Gpu Kernel Driver
Vendor: CVE Published:; 19 May 2022

What is CVE-2022-28348?

The Arm Mali GPU Kernel Driver presents a security vulnerability due to improper memory handling, potentially leading to use-after-free conditions. This issue affects specific versions across the Midgard, Bifrost, and Valhall architectures. Attackers may exploit this vulnerability to manipulate GPU memory, resulting in unexpected behavior or system instability. Users are encouraged to update their drivers to the latest version to mitigate the risks associated with this vulnerability.

References

https://developer.arm.com/support/arm-security-updates

x_refsource_MISC

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2022
Vulnerability Reserved
Apr 2, 2022