Vulnerabilities > ARM > Bifrost GPU Kernel Driver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2023-26083 | Memory Leak vulnerability in ARM products Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. | 3.3 |
| 2023-03-06 | CVE-2022-46395 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2023-01-17 | CVE-2022-46891 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2022-10-25 | CVE-2022-38181 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. | 8.8 |
| 2022-05-19 | CVE-2022-28349 | Use After Free vulnerability in ARM products Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0. | 9.8 |
| 2022-05-19 | CVE-2022-28348 | Use After Free vulnerability in ARM products Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r19p0 through r36p0 before r37p0) allows improper GPU memory operations to reach a use-after-free situation. | 9.8 |
| 2022-01-14 | CVE-2021-44828 | Out-of-bounds Write vulnerability in ARM products Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other processes. | 7.8 |
| 2021-05-10 | CVE-2021-28663 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. | 8.8 |
| 2021-05-10 | CVE-2021-28664 | Out-of-bounds Write vulnerability in ARM products The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. | 8.8 |