CVE-2022-46395

Summary

CVE	CVE-2022-46395
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-03-06 14:15:00 UTC
Updated	2023-12-13 13:51:00 UTC
Description	An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Risk And Classification

Problem Types: CWE-416

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Arm	Avalon Gpu Kernel Driver	r41p0	All	All	All
Application	Arm	Bifrost Gpu Kernel Driver	All	All	All	All
Application	Arm	Midgard Gpu Kernel Driver	All	All	All	All
Application	Arm	Midguard Gpu Kernel Driver	All	All	All	All
Application	Arm	Valhall Gpu Kernel Driver	All	All	All	All

References

Reference	Source	Link	Tags
Arm Security Center	MISC	developer.arm.com
developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities	CONFIRM	developer.arm.com
Android Arm Mali GPU Arbitrary Code Execution ≈ Packet Storm	MISC	packetstormsecurity.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

610481 Google Android Devices May 2023 Security Patch Missing
610493 Google Android June 2023 Security Patch Missing for Samsung