Lucene search

PRIOn knowledge basePRION:CVE-2021-29256

HistoryMay 24, 2021 - 6:15 p.m.

Information disclosure

2021-05-2418:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

89.8%

JSON

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

CPENameOperatorVersion
bifrosteq>= r16p01eac0 AND < r30p01eac0
midgardeq>= r28p01eac0 AND <= r30p01eac0
valhalleq>= r19p01eac0 AND < r30p01eac0

Name	Operator	Version
bifrost	eq	>= r16p01eac0 AND < r30p01eac0
midgard	eq	>= r28p01eac0 AND <= r30p01eac0
valhall	eq	>= r19p01eac0 AND < r30p01eac0

References

developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.025 Low

EPSS

Percentile

89.8%

JSON

Related for PRION:CVE-2021-29256