Lucene search

MitreCVE-2022-46394

HistoryMar 08, 2023 - 7:15 p.m.

CVE-2022-46394

2023-03-0819:15:10

CWE-416

mitre

web.nvd.nist.gov

arm

mali

gpu

kernel

driver

vulnerability

unauthorized access

memory

cve-2022-46394

nvd

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

43.3%

JSON

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Affected configurations

Nvd

Node

armavalon_gpu_kernel_driverMatchr41p0

armvalhall_gpu_kernel_driverRanger39p0–r41p0

VendorProductVersionCPE
armavalon_gpu_kernel_driverr41p0cpe:2.3:a:arm:avalon_gpu_kernel_driver:r41p0:*:*:*:*:*:*:*
armvalhall_gpu_kernel_driver*cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
arm	avalon_gpu_kernel_driver	r41p0	cpe:2.3:a:arm:avalon_gpu_kernel_driver:r41p0:::::::*
arm	valhall_gpu_kernel_driver	*	cpe:2.3:a:arm:valhall_gpu_kernel_driver::::::::

References

developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

developer.arm.com/support/arm-security-updates

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

43.3%

JSON

Related for CVE-2022-46394