Improper Memory Processing in Arm Mali Kernel Driver
CVE-2022-46396

3.3LOW

Key Information:

Vendor: Arm
Status: Avalon Gpu Kernel Driver; Valhall Gpu Kernel Driver
Vendor: CVE Published:; 11 April 2023

Summary

An issue has been identified in the Arm Mali Kernel Driver, where a non-privileged user can perform improper GPU memory processing operations. This flaw enables access to a limited amount of data outside of designated buffer bounds, potentially leading to unauthorized information disclosure. The vulnerability impacts specific versions of the Valhall and Avalon GPU architectures, underscoring the need for timely updates and vigilance in application security.

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2023
Vulnerability Reserved
Dec 4, 2022