Vulnerabilities > ARM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2022-46891 | Use After Free vulnerability in ARM products An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2023-01-16 | CVE-2022-47630 | Out-of-bounds Read vulnerability in ARM Trusted Firmware-A Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. | 7.4 |
| 2023-01-10 | CVE-2022-48251 | Information Exposure Through Discrepancy vulnerability in ARM products The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. | 7.5 |
| 2022-12-12 | CVE-2022-42716 | Use After Free vulnerability in ARM Valhall GPU Kernel Driver An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2022-11-23 | CVE-2022-34830 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0 An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory. | 7.5 |
| 2022-11-08 | CVE-2022-41757 | Unspecified vulnerability in ARM Valhall GPU Kernel Driver An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2022-10-25 | CVE-2022-38181 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. | 8.8 |
| 2022-05-03 | CVE-2021-27431 | Integer Overflow or Wraparound vulnerability in ARM Cmsis-Rtos ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc (local malloc equivalent) function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution. | 7.5 |
| 2022-05-03 | CVE-2021-27433 | Integer Overflow or Wraparound vulnerability in ARM Mbed Ualloc 1.3.0 ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 7.5 |
| 2022-05-03 | CVE-2021-27435 | Integer Overflow or Wraparound vulnerability in ARM Mbed 6.3.0 ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 7.5 |