6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.7 Medium
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
80.4%
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.
CPE | Name | Operator | Version |
---|---|---|---|
bifrost | eq | 39p0-r | |
bifrost | eq | >= r0p0 AND <= r38p0 | |
midgard | eq | >= r4p0 AND <= r32p0 | |
valhall | eq | 39p0-r | |
valhall | eq | >= r19p0 AND <= r38p0 |
packetstormsecurity.com/files/168431/Arm-Mali-Released-Buffer-Use-After-Free.html
packetstormsecurity.com/files/168432/Arm-Mali-Physical-Address-Exposure.html
packetstormsecurity.com/files/168433/Arm-Mali-Race-Condition.html
packetstormsecurity.com/files/168434/Arm-Mali-CSF-Missing-Buffer-Size-Check.html
developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.7 Medium
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
80.4%