CVE-2022-22706

HIGH KEV

ARM Bifrost Gpu Kernel Driver < r36p0 - Memory Corruption

Title source: rule

Description

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

References (3)

[Vendor Advisory] https://developer.arm.com/support/arm-security-updates

[Vendor Advisory] https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22706

Scores

CVSS v3 7.8

EPSS 0.0009

EPSS Percentile 25.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-03-30

VulnCheck KEV 2022-01-06

InTheWild.io 2022-04-16

ENISA EUVD EUVD-2022-27849

CWE

CWE-119

Status published

Products (3)

arm/bifrost_gpu_kernel_driver r0p0 - r36p0

arm/midgard_gpu_kernel_driver r26p0 - r32p0

arm/valhall_gpu_kernel_driver r19p0 - r36p0

Published Mar 03, 2022

KEV Added Mar 30, 2023

Tracked Since Feb 18, 2026