CVE-2022-46394

Published: Mar 8, 2023Modified: Mar 5, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r39p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.

Affected (2)

Products: Arm: Avalon Gpu Kernel Driver, Valhall Gpu Kernel Driver

2 products

Avalon Gpu Kernel Driver

Valhall Gpu Kernel Driver

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Arm Avalon Gpu Kernel Driver	Version r41p0
Arm Valhall Gpu Kernel Driver	From r39p0 to r41p0

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (4)

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Source: cve@mitre.org

Vendor Advisory

https://developer.arm.com/support/arm-security-updates

Source: cve@mitre.org

Vendor Advisory

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://developer.arm.com/support/arm-security-updates

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.