Vulnerabilities > CVE-2022-36449 - Use After Free vulnerability in ARM Bifrost, Midgard and Valhall

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

arm

CWE-416

NVD

Published: 2022-09-01

Updated: 2022-09-29

Summary

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory, write a limited amount outside of buffer bounds, or to disclose details of memory mappings. This affects Midgard r4p0 through r32p0, Bifrost r0p0 through r38p0 and r39p0 before r38p1, and Valhall r19p0 through r38p0 and r39p0 before r38p1.

Vulnerable Configurations

Part	Description	Count
Application	Arm ARM Valhall R39P0 ARM Valhall R19P0 ARM Valhall R19P0-01Eac0 ARM Valhall R30P0 ARM Valhall R30P0-01Eac0 ARM Valhall R38P0 ARM Bifrost R39P0 ARM Bifrost R0P0 ARM Bifrost R16P0 ARM Bifrost R16P0-01Eac0 ARM Bifrost R30P0 ARM Bifrost R30P0-01Eac0 ARM Bifrost R38P0 ARM Midgard R4P0 ARM Midgard R28P0 ARM Midgard R28P0-01Eac0 ARM Midgard R30P0 ARM Midgard R30P0-01Eac0 ARM Midgard R32P0	19

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Vulnerabilities > CVE-2022-36449 - Use After Free vulnerability in ARM Bifrost, Midgard and Valhall

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Related news

References