Use-After-Free Vulnerability in Arm Mali GPU Kernel Driver Affecting Valhall Series
CVE-2022-42716

8.8HIGH

Key Information:

Vendor: Arm
Status: Bifrost Gpu Kernel Driver; Midguard Gpu Kernel Driver; Valhall Gpu Kernel Driver
Vendor: CVE Published:; 12 December 2022

What is CVE-2022-42716?

An issue within the Arm Mali GPU Kernel Driver allows a non-privileged user to exploit improper processing operations, leading to access to previously freed memory. This vulnerability particularly affects versions Valhall r29p0 through r40P0, potentially compromising the integrity of applications relying on secure GPU operations.

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2022
Vulnerability Reserved
Oct 10, 2022