Vulnerabilities > ARM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-28147 | Unspecified vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 5.5 |
| 2023-04-11 | CVE-2022-46396 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM products An issue was discovered in the Arm Mali Kernel Driver. | 3.3 |
| 2023-04-11 | CVE-2023-22808 | Out-of-bounds Read vulnerability in ARM products An issue was discovered in the Arm Android Gralloc Module. | 3.3 |
| 2023-04-06 | CVE-2022-46781 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 3.3 |
| 2023-04-06 | CVE-2023-26083 | Memory Leak vulnerability in ARM products Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. | 3.3 |
| 2023-03-15 | CVE-2023-26084 | Improper Initialization vulnerability in ARM Aarch64Cryptolib The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. | 3.7 |
| 2023-03-08 | CVE-2022-46394 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2023-03-06 | CVE-2022-46395 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2023-01-17 | CVE-2021-36647 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in ARM Mbed TLS Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. | 4.7 |
| 2023-01-17 | CVE-2022-46891 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |