CVE-2021-28664
CVE-2021-28664
In short
A flaw in the Arm Mali GPU driver lets unprivileged users gain unauthorized read and write access to memory pages that should be read-only, potentially allowing them to take control of the system or crash it.
Technical detail
The Mali GPU kernel driver (Bifrost, Valhall, Midgard) contains an out-of-bounds write vulnerability (CWE-787) allowing unprivileged users to modify read-only memory pages. This enables privilege escalation or denial of service through memory corruption. Affected versions: Bifrost r0p0–r29p0, Valhall r19p0–r29p0, Midgard r8p0–r30p0.
Summary generated and translated by AI from the official description.
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilitieshttps://developer.arm.com/support/arm-security-updateshttps://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driverhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-28664