Vulnerability Details CVE-2022-42716
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.2%
CVSS Severity
CVSS v3 Score 8.8
References
- http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Products affected by CVE-2022-42716
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r29p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r30p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r30p0-01eac0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r34p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r35p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r36p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r37p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p1
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p2
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0
-
cpe:2.3:a:arm:valhall_gpu_kernel_driver:r40p0