HIGH🚩 CISA KEV⚑ EXPLOITβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2022-38181

CVSS 8.8v3.1pub. 2022-10-25upd. 2025-11-03

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Arm Bifrost Gpu Kernel Driver

    APP
    Arm
    r39p0r0p0 – r38p1
  • Arm Midgard Gpu Kernel Driver

    APP
    Arm
    r4p0 – r31p0
  • Arm Valhall Gpu Kernel Driver

    APP
    Arm
    r39p0r19p0 – r38p1

CISA KEV β€” detailsi

Vendori
Arm
Producti
Mali Graphics Processing Unit (GPU)
Added to KEVi
March 30, 2023
Remediation deadline (US Federal)i
April 20, 2023(overdue)
Required action (CISA)i

Apply updates per vendor instructions.

CISA descriptioni

Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.

πŸ”΄
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
⏰CISA DEADLINE: 20 kwietnia 2023
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2022-28349CRITICAL9.8ten sam produkt

Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 throu...

CVE-2022-28350CRITICAL9.8ten sam produkt

Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r29p0 through r36p0 before r37p0 to reach...

CVE-2022-28348CRITICAL9.8ten sam produkt

Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 through r36p0 before r37p0, and Valhall r...

CVE-2024-4610HIGH7.8⚠ KEVten sam produkt

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a ...

CVE-2022-22706HIGH7.8⚠ KEVten sam produkt

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. Thi...

CVE-2022-38181 β€” Arm β€” Bifrost Gpu Kernel Driver β€” HIGH β€” CVSS 8.8 | CVEbaza.pl