Use-After-Free Vulnerability in Arm Mali GPU Kernel Driver Affecting Multiple Versions
CVE-2022-28349

9.8CRITICAL

Key Information:

Vendor: Arm
Status: Midguard Gpu Kernel Driver; Bifrost Gpu Kernel Driver; Valhall Gpu Kernel Driver
Vendor: CVE Published:; 19 May 2022

What is CVE-2022-28349?

The Arm Mali GPU Kernel Driver is affected by a use-after-free vulnerability that exists in specific versions of the Midgard, Bifrost, and Valhall architectures. This flaw can potentially lead to unexpected behaviors and security risks if exploited. Users of the driver are advised to apply the latest security updates to mitigate any risks associated with this vulnerability.

References

https://developer.arm.com/support/arm-security-updates

x_refsource_MISC

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2022
Vulnerability Reserved
Apr 2, 2022