CVE-2022-38181 - OpenCVE

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Arm	Valhall Gpu Kernel Driver Bifrost Gpu Kernel Driver Midgard Gpu Kernel Driver

Configuration 1 [-]

OR	cpe:2.3:a:arm:bifrost_gpu_kernel_driver::::::::
	cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:::::::*
	cpe:2.3:a:arm:midgard_gpu_kernel_driver::::::::
	cpe:2.3:a:arm:valhall_gpu_kernel_driver::::::::
	cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:::::::*

References

Link	Resource
http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities	Vendor Advisory
https://developer.arm.com/support/arm-security-updates	Vendor Advisory
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/	Exploit Third Party Advisory
https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-25T00:00:00

Updated: 2023-06-12T00:00:00

Reserved: 2022-08-12T00:00:00

Link: CVE-2022-38181

JSON object: View

NVD Information

Status : Modified

Published: 2022-10-25T19:15:11.487

Modified: 2023-12-13T13:51:52.563

Link: CVE-2022-38181

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"cisaActionDue": "2023-04-20", "cisaExploitAdd": "2023-03-30", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Arm Mali GPU Kernel Driver Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "822BBE31-6AD6-4C5A-A01C-0994215DD167", "versionEndIncluding": "r38p1", "versionStartIncluding": "r0p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", "matchCriteriaId": "C5628A8D-18D5-4A0F-A474-13024A73F17F", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1AB50D5-AAC9-473D-B450-8275CB7E1676", "versionEndIncluding": "r31p0", "versionStartIncluding": "r4p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "3DC17807-E62F-4601-BF21-E64DFA7AA3ED", "versionEndIncluding": "r38p1", "versionStartIncluding": "r19p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*", "matchCriteriaId": "05471A20-62BC-4626-BE77-0902B098834E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0."}, {"lang": "es", "value": "Un controlador del kernel de la GPU del correo de la familia de productos Arm versiones hasta 12-08-2022, permite a usuarios no privilegiados realizar operaciones de procesamiento de la GPU inapropiadas para conseguir acceso a la memoria ya liberada"}], "id": "CVE-2022-38181", "lastModified": "2023-12-13T13:51:52.563", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-25T19:15:11.487", "references": [{"source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}