Vulnerability Details CVE-2021-28664
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
Proposed Action
Arm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.
Ransomware Campaign
Unknown
References
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://developer.arm.com/support/arm-security-updates
- https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://developer.arm.com/support/arm-security-updates
- https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
Products affected by CVE-2021-28664
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r0p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r11p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r16p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r16p0-01eac0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r17p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r19p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r1p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r25p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r26p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r28p0
-
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r7p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r12p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r13p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r19p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r26p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r28p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r28p0-01eac0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r29p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r30p0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r30p0-01eac0
-
cpe:2.3:a:arm:midgard_gpu_kernel_driver:r8p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r19p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r19p0-01eac0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r25p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r26p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r28p0