Vulnerabilities > CVE-2022-38181 - Use After Free vulnerability in ARM products
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Related news
References
- http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://developer.arm.com/support/arm-security-updates
- https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
- https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/
- http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html
- https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/
- https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
- https://developer.arm.com/support/arm-security-updates
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities