CVE-2022-36449

2022-09-0103:15:16

CWE-416

[email protected]

web.nvd.nist.gov

arm mali gpu

kernel driver

memory access

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.021

Percentile

89.3%

JSON

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.

Affected configurations

Nvd

Node

armbifrostRanger0p0–r38p0

armbifrostMatchr39p0

armmidgardRanger4p0–r32p0

armvalhallRanger19p0–r38p0

armvalhallMatchr39p0

VendorProductVersionCPE
armbifrost*cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
armbifrostr39p0cpe:2.3:a:arm:bifrost:r39p0:*:*:*:*:*:*:*
armmidgard*cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*
armvalhall*cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
armvalhallr39p0cpe:2.3:a:arm:valhall:r39p0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
arm	bifrost	*	cpe:2.3:a:arm:bifrost::::::::
arm	bifrost	r39p0	cpe:2.3:a:arm:bifrost:r39p0:::::::*
arm	midgard	*	cpe:2.3:a:arm:midgard::::::::
arm	valhall	*	cpe:2.3:a:arm:valhall::::::::
arm	valhall	r39p0	cpe:2.3:a:arm:valhall:r39p0:::::::*