Vulnerabilities > CVE-2021-28664 - Out-of-bounds Write vulnerability in ARM products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

arm

CWE-787

NVD

Published: 2021-05-10

Updated: 2023-12-13

Summary

The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.

Vulnerable Configurations

Part	Description	Count
Application	Arm ARM Bifrost GPU Kernel Driver R0P0 ARM Bifrost GPU Kernel Driver R17P0 ARM Valhall GPU Kernel Driver R19P0 ARM Midgard GPU Kernel Driver R8P0 ARM Midgard GPU Kernel Driver R26P0 ARM Midgard GPU Kernel Driver R29P0 ARM Midgard GPU Kernel Driver R30P0	7

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Vulnerabilities > CVE-2021-28664 - Out-of-bounds Write vulnerability in ARM products

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Related news

References