Lucene search

[email protected]NVD:CVE-2022-42716

HistoryDec 12, 2022 - 8:15 p.m.

CVE-2022-42716

2022-12-1220:15:10

CWE-416

[email protected]

web.nvd.nist.gov

arm mali

gpu

kernel driver

use-after-free

valhall r29p0

valhall r40p0

memory access

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

38.2%

JSON

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.

Affected configurations

NVD

Node

armvalhall_gpu_kernel_driverRanger29p0–r40p0

References

packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

38.2%

JSON

Related for NVD:CVE-2022-42716

cve1 nessus1 cvelist1 prion1