Vulnerabilities > CVE-2022-38181 - Use After Free vulnerability in ARM products

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

arm

CWE-416

NVD

Published: 2022-10-25

Updated: 2023-12-13

Summary

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

Vulnerable Configurations

Part	Description	Count
Application	Arm ARM Valhall GPU Kernel Driver R39P0 ARM Valhall GPU Kernel Driver R19P0 ARM Valhall GPU Kernel Driver R29P0 ARM Valhall GPU Kernel Driver R34P0 ARM Valhall GPU Kernel Driver R38P0 ARM Valhall GPU Kernel Driver R38P1 ARM Bifrost GPU Kernel Driver R39P0 ARM Bifrost GPU Kernel Driver R0P0 ARM Bifrost GPU Kernel Driver R17P0 ARM Bifrost GPU Kernel Driver R34P0 ARM Bifrost GPU Kernel Driver R38P1 ARM Midgard GPU Kernel Driver R4P0 ARM Midgard GPU Kernel Driver R8P0 ARM Midgard GPU Kernel Driver R26P0 ARM Midgard GPU Kernel Driver R29P0 ARM Midgard GPU Kernel Driver R30P0 ARM Midgard GPU Kernel Driver R31P0	17

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Vulnerabilities > CVE-2022-38181 - Use After Free vulnerability in ARM products

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Related news

References