7.8
CVE-2022-22706
- EPSS 0.06%
- Published 03.03.2022 15:15:08
- Last modified 07.04.2025 13:09:05
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.
Data is provided by the National Vulnerability Database (NVD)
Arm ≫ Bifrost Gpu Kernel Driver Version >= r0p0 < r36p0
Arm ≫ Midgard Gpu Kernel Driver Version >= r26p0 < r32p0
Arm ≫ Valhall Gpu Kernel Driver Version >= r19p0 < r36p0
30.03.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog
Arm Mali GPU Kernel Driver Unspecified Vulnerability
VulnerabilityArm Mali GPU Kernel Driver contains an unspecified vulnerability that allows a non-privileged user to achieve write access to read-only memory pages.
DescriptionApply updates per vendor instructions.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.191 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.