CVE-2022-46395
published 2023-03-06CVE-2022-46395: An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed…
PriorityP352high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.68%
83.9th percentile
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | avalon_gpu_kernel_driver | — | — |
| arm | bifrost_gpu_kernel_driver | r0p0 – r41p0 | — |
| arm | midgard_gpu_kernel_driver | r0p0 – r32p0 | — |
| arm | valhall_gpu_kernel_driver | r19p0 – r41p0 | — |
| android | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability affects Arm Mali GPU Kernel Driver across multiple GPU families: Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 (before r42p0), Valhall r19p0 through r41p0 (before r42p0), and Avalon r41p0 (before r42p0). Detection should focus on identifying vulnerable driver versions on Android devices. ↗
- →The exploit primitive is improper GPU processing operations by a non-privileged user leading to use-after-free (UAF) on already freed GPU memory. Monitor for anomalous GPU kernel driver calls from unprivileged processes. ↗
- →Android Security Bulletin (2023-05-01) tracks this as HIGH severity under the Mali component with Android bug reference A-267357916. Use this reference to cross-check patch status on Android devices. ↗
- ·Midgard GPU family (r0p0 through r32p0) has no patch available via r42p0 — the fixed version boundary (r42p0) only applies to Bifrost, Valhall, and Avalon. Midgard devices may remain permanently vulnerable unless a vendor-specific patch is issued. ↗
- ·The Android Security Bulletin entry is marked with an asterisk (*), which typically indicates the patch has not been made publicly available by the upstream vendor at time of publication. Verify patch availability directly with device OEMs. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2022-46395: In tbd of tbd, there is a possible memory corruption due to a use after free
osv·2023-05-01
CVE-2022-46395 CVE-2022-46395: In tbd of tbd, there is a possible memory corruption due to a use after free
In tbd of tbd, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
GHSA
GHSA-fpqq-p5q5-4fhw: An issue was discovered in the Arm Mali GPU Kernel Driver
ghsa_unreviewed·2023-03-06
CVE-2022-46395 [HIGH] CWE-416 GHSA-fpqq-p5q5-4fhw: An issue was discovered in the Arm Mali GPU Kernel Driver
An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
Android
CVE-2022-46395: Mali
vendor_android·2023-05-01·CVSS 8.8
CVE-2022-46395 [HIGH] CVE-2022-46395: Mali
Android Security Bulletin 2023-05-01
CVE: CVE-2022-46395
Severity: HIGH
Component: Mali
References: A-267357916
*
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.htmlhttps://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilitieshttps://developer.arm.com/support/arm-security-updateshttp://packetstormsecurity.com/files/172855/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.htmlhttps://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilitieshttps://developer.arm.com/support/arm-security-updates
2023-03-06
Published