CVE-2021-29256
CVE-2021-29256
In short
The Arm Mali GPU driver has a use-after-free vulnerability that lets unprivileged users access memory that has been freed, potentially exposing sensitive information or gaining root access to the system.
Technical detail
A use-after-free (CWE-416) vulnerability in the Arm Mali GPU kernel driver allows unprivileged local users to read freed memory regions and execute arbitrary code with elevated privileges. The vulnerability affects Bifrost (r16p0–r29p0), Valhall (r19p0–r29p0), and Midgard (r28p0–r30p0) versions prior to patched releases, exploitable via GPU memory management interfaces.
Summary generated and translated by AI from the official description.
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →