9
CVE-2021-28664
- EPSS 0.13%
- Veröffentlicht 10.05.2021 15:15:07
- Zuletzt bearbeitet 03.04.2025 19:15:16
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r8p0 through r30p0 before r31p0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arm ≫ Bifrost Gpu Kernel Driver Version >= r0p0 < r29p0
Arm ≫ Midgard Gpu Kernel Driver Version >= r8p0 < r31p0
Arm ≫ Valhall Gpu Kernel Driver Version >= r19p0 < r29p0
03.11.2021: CISA Known Exploited Vulnerabilities (KEV) Catalog
Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability
SchwachstelleArm Mali Graphics Processing Unit (GPU) kernel driver contains an unspecified vulnerability that may allow a non-privileged user to gain write access to read-only memory, gain root privilege, corrupt memory, and modify the memory of other processes.
BeschreibungApply updates per vendor instructions.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.338 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.