CVE-2022-46891

HIGH

Arm Mali GPU Kernel Driver - Use After Free

Title source: llm

Description

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r13p0 through r32p0, Bifrost r1p0 through r40p0, and Valhall r19p0 through r40p0.

References (1)

Core 1

Core References

Vendor Advisory

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Scores

CVSS v3 8.8

EPSS 0.0032

EPSS Percentile 55.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-416

Status published

Products (3)

arm/bifrost_gpu_kernel_driver r1p0 - r40p0

arm/midgard_gpu_kernel_driver r13p0 - r32p0

arm/valhall_gpu_kernel_driver r19p0 - r40p0

Published Jan 17, 2023

Tracked Since Feb 18, 2026