CVE-2022-41757
published 2022-11-08CVE-2022-41757: An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to…
PriorityP346high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.68%
47.7th percentile
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | valhall_gpu_kernel_driver | — | — |
| arm | valhall_gpu_kernel_driver | >= r29p0 < r38p2 | r38p2 |
| android | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2022-41757: In kbase_csf_queue_group_suspend_prepare of mali_kbase_csf_kcpu
osv·2023-04-01
CVE-2022-41757 CVE-2022-41757: In kbase_csf_queue_group_suspend_prepare of mali_kbase_csf_kcpu
In kbase_csf_queue_group_suspend_prepare of mali_kbase_csf_kcpu.c , there is a possible out of bounds write due to incorrect memory mapping. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSA
GHSA-pggw-w357-q8q8: An issue was discovered in the Arm Mali GPU Kernel Driver
ghsa_unreviewed·2022-11-08
CVE-2022-41757 [HIGH] GHSA-pggw-w357-q8q8: An issue was discovered in the Arm Mali GPU Kernel Driver
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0.
Android
CVE-2022-41757: Mali
vendor_android·2023-04-01·CVSS 8.8
CVE-2022-41757 [HIGH] CVE-2022-41757: Mali
Android Security Bulletin 2023-04-01
CVE: CVE-2022-41757
Severity: HIGH
Component: Mali
References: A-254445909*
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-11-08
Published