Vulnerabilities > ARM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-12 | CVE-2022-42716 | Use After Free vulnerability in ARM Valhall GPU Kernel Driver An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2022-11-23 | CVE-2022-34830 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in ARM Utgard GPU Kernel Driver R11P0/R12P0 An Arm product family through 2022-06-29 has a TOCTOU Race Condition that allows non-privileged user to make improper GPU processing operations to gain access to already freed memory. | 7.5 |
| 2022-11-08 | CVE-2022-41757 | Unspecified vulnerability in ARM Valhall GPU Kernel Driver An issue was discovered in the Arm Mali GPU Kernel Driver. | 8.8 |
| 2022-10-25 | CVE-2022-38181 | Use After Free vulnerability in ARM products The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. | 8.8 |
| 2022-05-03 | CVE-2021-27431 | Integer Overflow or Wraparound vulnerability in ARM Cmsis-Rtos ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc (local malloc equivalent) function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution. | 7.5 |
| 2022-05-03 | CVE-2021-27433 | Integer Overflow or Wraparound vulnerability in ARM Mbed Ualloc 1.3.0 ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 7.5 |
| 2022-05-03 | CVE-2021-27435 | Integer Overflow or Wraparound vulnerability in ARM Mbed 6.3.0 ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | 7.5 |
| 2022-03-24 | CVE-2021-43666 | A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. | 7.5 |
| 2022-03-03 | CVE-2022-22706 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ARM Bifrost, Midgard and Valhall Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. | 7.8 |
| 2022-02-28 | CVE-2021-43086 | Out-of-bounds Write vulnerability in ARM Adaptive Scalable Texture Compression Encoder 3.2.0 ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. | 7.5 |