CVE-2022-38181
| CVE Published | 2022-10-25 |
|---|---|
| Related CWE(s) | CWE-416: Use After Free |
| Related Vendor(s) | arm |
| Related Product(s) | midgard_gpu_kernel_driver, bifrost_gpu_kernel_driver, valhall_gpu_kernel_driver |
| Exploitation Reported (CISA KEV) | 2023-03-30 |
| CVSS 3 Base Score | 8.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph