CVE-2021-39793
Published: 2022-03-16
Priority: P1 · 82 · high
CVSS 3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CISA Known Exploited Vulnerability (KEV), remediation due 2022-05-02
Exploited in the wild (ITW)
EPSS: 0.73% (49.5th percentile)
In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android kernel
Android ID: A-210470189
References: N/A
Detection & IOCs (extracted from sources)
- Vulnerability is in the function `kbase_jd_user_buf_pin_pages` within `mali_kbase_mem.c` — monitor for exploitation attempts targeting Mali GPU kernel driver logic errors leading to out-of-bounds write
- This vulnerability enables local privilege escalation with no additional execution privileges required and no user interaction — treat any unprivileged local process on affected Google Pixel/Android kernel devices as a potential threat actor
- CVE-2021-39793 is listed as a Known Exploited Vulnerability by CISA against Google Pixel devices — prioritize detection and patching on the Android kernel / Google Pixel fleet
- No public exploit code, hashes, network indicators, or signatures were present in the available sources. Detection must rely on kernel-level behavioral monitoring (e.g., unexpected privilege escalation from unprivileged processes interacting with the Mali GPU driver) rather than static IOCs.
CVSS provenance
- NVD (v3.1): 7.8 HIGH, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- NVD (v2.0): 7.2 HIGH, AV:L/AC:L/Au:N/C:C/I:C/A:C
- VulnCheck: 7.8 HIGH
- CISA: 7.8 HIGH
Source: Project Zero
Mind the Gap - Project Zero (published 2022-11-01, CVSS 7.8, tagged CVE-2021-39793 [HIGH])
By Ian Beer, Project Zero
Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable.
## Introduction
In June 2022, Project Zero researcher Maddie Stone gave a talk at FirstCon22 titled 0-day In-the-Wild Exploitation in 2022…so far. A key takeaway was that approximately 50% of the observed 0-days in the first half of 2022 were variants of previously patched vulnerabilities. This finding is consistent with our understanding of attacker behavior: attackers will take the path of least resistance, and as long as vendors don't consistently
Source: Project Zero
2022 0-day In-the-Wild Exploitation…so far - Project Zero (published 2022-06-01, CVSS 8.8, tagged CVE-2016-5128 [HIGH])
Posted by Maddie Stone, Google Project Zero
This blog post is an overview of a talk, “0-day In-the-Wild Exploitation in 2022…so far”, that I gave at the FIRST conference in June 2022. The slides are available here.
For the last three years, we’ve published annual year-in-review reports of 0-days found exploited in the wild. The most recent of these reports is the 2021 Year in Review report, which we published just a few months ago in April. While we plan to stick with that annual cadence, we’re publishing a little bonus report today looking at the in-the-wild 0-days detected and disclosed in the first half of 2022.
As of June 15, 2022, there have been 18 0-days detected and disclosed as exploited in-the-wild in 2022. When we analyzed those 0-days, we found that at least nin
Source: GHSA (unreviewed)
GHSA-mx45-vcw4-89j8: In kbase_jd_user_buf_pin_pages of mali_kbase_mem (published 2022-03-17, CVE-2021-39793 [HIGH], CWE-787)
In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android kernel
Android ID: A-210470189
References: N/A
Source: OSV
CVE-2021-39793: In kbase_jd_user_buf_pin_pages of mali_kbase_mem (published 2022-03-01)
In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Source: VulnCheck
Google Pixel Out-of-Bounds Write Vulnerability (2021, CVSS 7.8, CVE-2021-39793 [HIGH], CWE-787)
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.
Affected: Google Pixel
Required Action: Apply updates per vendor instructions.
Exploitation References:
- https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit
- https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- https://raw.githubusercontent.com/blackorbird/APT_REPORT/master/summary/2023/360_APT_Annual_Research_Report_2022.pdf
- https://ti.qianxin.com/uploads/2024/02/02/dcc93e586f9028c68e7ab34c3326ff31.pdf
- https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors.pdf
Source: Project Zero
Project Zero RCA: CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser (CVSS 8.8, CVE-2022-4262 [HIGH])
# CVE-2022-4262: Incorrect Bytecode Generation by JavaScript Parser
*Samuel Groß, V8 Security*
## The Basics
**Disclosure or Patch Date:** 2 December 2022
**Product:** Google Chrome
**Advisory:** https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html
**Affected Versions:** 108.0.5359.71 and previous
**First Patched Version:** 108.0.5359.94
**Issue/Bug Report:** https://bugs.chromium.org/p/chromium/issues/detail?id=1394403
**Patch CL:** https://chromium.googlesource.com/v8/v8/+/27fa951ae4a3801126e84bc94d5c82dd2370d18b
**Bug-Introducing CL:** N/A
**Reporter(s):** Clement Lecigne of Google's Threat Analysis Group
## The Code
**Proof-of-concept:**
```javascript
let alloc = function() {
let tt = new ArrayBuffer(31 * 1024 * 1024 * 1024);
tt = new ArrayBu
```
Source: Project Zero
Project Zero RCA: CVE-2022-22706 / CVE-2021-39793: Mali GPU driver makes read-only imported pages host-writable (CVSS 8.8, CVE-2021-39793 [HIGH])
# CVE-2022-22706 / CVE-2021-39793: Mali GPU driver makes read-only imported pages host-writable
*Jann Horn*
## The Basics
**Disclosure or Patch Date:** March 7, 2022
**Product:** Arm Mali GPU driver for Linux/Android
**Advisory:**
- from Arm (upstream): https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- from Google Pixel: https://source.android.com/security/bulletin/pixel/2022-03-01#pixel
**Affected Versions:** see Arm advisory (note that the affected version range for the Bifrost version of the related CVE-2021-28664 seems to be off-by-one)
**First Patched Version:**
- for Arm: see Arm advisory
- for Pixel: patch level 2022-03-05
**Issue/Bug Report:** N/A
**Patch CL:** https://android.googlesource.com/kernel/google-modules/gpu/+/5381ff7b410
Source: CISA
Google Pixel Out-of-Bounds Write Vulnerability (added 2022-04-11, CVSS 7.8, CVE-2021-39793 [HIGH], CWE-787)
Vulnerability: Google Pixel Out-of-Bounds Write Vulnerability
Affected: Google Pixel
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-39793
Remediation Due Date: 2022-05-02
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Timeline:
- 2022-03-16: Published
- 2022-04-11: Added to CISA KEV
- Exploited in the wild