⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2021-11-17. Required action: Apply updates per vendor instructions..

CVE-2021-28663Use After Free in ARM Bifrost GPU Kernel Driver

CWE-416Use After Free9 documents8 sources
Severity
8.8HIGHNVD
EPSS
2.7%
top 14.11%
CISA KEV
KEV
Added 2021-11-03
Due 2021-11-17
Exploit
Exploited in wild
Active exploitation observed
Affected products
4
ARM Bifrost GPU Kernel DriverARM Midgard GPU Kernel DriverARM Valhall GPU Kernel Driver+1 more
Timeline
PublishedMay 10
KEV addedNov 3
KEV dueNov 17
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

NVDarm/bifrost_gpu_kernel_driverr0p0r29p0
NVDarm/midgard_gpu_kernel_driverr4p0r31p0
NVDarm/valhall_gpu_kernel_driverr19p0r29p0

🔴Vulnerability Details

4
GHSA
GHSA-2rc2-892p-6hc2: The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-af2022-05-24
Project0
The More You Know, The More You Know You Don’t Know - Project Zero2022-04-01
OSV
CVE-2021-28663: In kbase_mem_from_user_buffer of mali_kbase_mem_linux2021-05-01
VulnCheck
Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability2021

📋Vendor Advisories

2
CISA
Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability2021-11-03
Android
CVE-2021-28663: Mali2021-05-01

🕵️Threat Intelligence

2
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-012021-11-09
Qualys
Qualys Response to CISA Alert: Binding Operational Directive 22-01 | Qualys2021-11-09