CVE-2022-42716

CVSS V2 None CVSS V3 None
Description
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.
Overview
  • CVE ID
  • CVE-2022-42716
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-12T20:15:10
  • Last Modified Date
  • 2023-03-01T15:08:26
Weakness Enumerations
CWE URL
CWE-416 http://cwe.mitre.org/data/definitions/416.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:* 1 OR r1p0 r40p0
cpe:2.3:a:arm:midguard_gpu_kernel_driver:*:*:*:*:*:*:*:* 1 OR r4p0 r32p0
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:* 1 OR r19p0 r40p0
References
Reference URL Reference Tags
http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-42716
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42716
History
Created Old Value New Value Data Type Notes
2022-12-12 20:15:51 Added to TrackCVE
2022-12-13 02:15:09 2022-12-12T20:15:10.713 2022-12-12T20:15:10 CVE Published Date updated
2022-12-13 02:15:09 2022-12-13T01:45:52 CVE Modified Date updated
2022-12-13 02:15:09 Received Awaiting Analysis Vulnerability Status updated
2022-12-13 18:17:56 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-14 02:14:34 2022-12-14T01:15:10 CVE Modified Date updated
2022-12-14 02:14:34 An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r4p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40P0. An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0. Description updated
2022-12-15 16:17:49 2022-12-15T14:03:20 CVE Modified Date updated
2022-12-15 16:17:49 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-15 16:17:49 CWE-416 Weakness Enumeration new
2022-12-15 16:17:49 CPE Information updated
2023-01-10 16:17:20 2023-01-10T16:15:12 CVE Modified Date updated
2023-01-10 16:17:20 Analyzed Modified Vulnerability Status updated
2023-01-10 16:17:21 References updated
2023-01-12 05:15:23 Modified Undergoing Analysis Vulnerability Status updated
2023-03-01 15:14:27 2023-03-01T15:08:26 CVE Modified Date updated
2023-03-01 15:14:27 Undergoing Analysis Analyzed Vulnerability Status updated