Headline
CVE-2022-22706: Arm Security Updates | Mali GPU Driver Vulnerabilities – Arm Developer
An Arm product family through 2022-01-03 has an Exposed Dangerous Method or Function.
Sorry, your browser is not supported. We recommend upgrading your browser. We have done our best to make all the documentation and resources available on old versions of Internet Explorer, but vector image support and the layout may not be optimal. Technical documentation is available as a PDF Download.
Title
Mali GPU Kernel Driver may elevate CPU RO pages to writable
CVE
CVE-2022-22706
Date of issue
6th January 2022
Affects
Midgard GPU Kernel Driver: All versions from r26p0 – r31p0
Bifrost GPU Kernel Driver: All versions from r0p0 – r35p0
Valhall GPU Kernel Driver: All versions from r19p0 – r35p0
Impact
A non-privileged user can get a write access to read-only memory pages.
Resolution
This issue is fixed in Bifrost and Valhall GPU Kernel Driver r36p0. It will be fixed in future Midgard release. Users are recommended to upgrade if they are impacted by this issue.
Credit
n/a
Title
Mali GPU Kernel Driver elevates CPU RO pages to writable
CVE
CVE-2021-44828
Date of issue
11th December 2021
Affects
Midgard GPU Kernel Driver: All versions from r26p0 – r30p0
Bifrost GPU Kernel Driver: All versions from r0p0 – r34p0
Valhall GPU Kernel Driver: All versions from r19p0 - r34p0
Impact
A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes.
Resolution
This issue is fixed in Bifrost and Valhall GPU Kernel Driver r35p0. It will be fixed in future Midgard release. Users are recommended to upgrade if they are impacted by this issue.
Credit
n/a
Title
Mali GPU Kernel Driver allows improper operations on GPU memory
CVE
CVE-2021-28663
Date of issue
18th March 2021
Affects
Midgard GPU Kernel Driver: All versions from r4p0 – r30p0
Bifrost GPU Kernel Driver: All versions from r0p0 – r28p0
Valhall GPU Kernel Driver: All versions from r19p0 - r28p0
Impact
A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information.
Resolution
This issue is fixed in Bifrost and Valhall GPU Kernel Driver r29p0. It will be fixed in future Midgard release. Users are recommended to upgrade if they are impacted by this issue.
Credit
n/a
Title
Mali GPU Kernel Driver elevates CPU RO pages to writable
CVE
CVE-2021-28664
Date of issue
18th March 2021
Affects
Midgard GPU Kernel Driver: All versions from r8p0 – r30p0
Bifrost GPU Kernel Driver: All versions from r0p0 – r28p0
Valhall GPU Kernel Driver: All versions from r19p0 - r28p0
Impact
A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes.
Resolution
This issue is fixed in Bifrost and Valhall GPU Kernel Driver r29p0. It will be fixed in future Midgard release. Users are recommended to upgrade if they are impacted by this issue.
Credit
n/a
Title
Mali GPU Kernel Driver allows improper operations on GPU memory
CVE
CVE-2021-29256
Date of issue
26th March 2021
Affects
Midgard GPU Kernel Driver: All versions from r28p0 – r30p0
Bifrost GPU Kernel Driver: All versions from r16p0 – r29p0
Valhall GPU Kernel Driver: All versions from r19p0 - r29p0
Impact
A non-privileged User can make improper operations on GPU memory to gain access to already freed memory and may be able to gain root privilege, and/or disclose information.
Resolution
This issue is fixed in Bifrost and Valhall GPU Kernel Driver r30p0. It will be fixed in future Midgard release. Users are recommended to upgrade if they are impacted by this issue.
Credit
Thanks to Brice Berna, of the Apple Media Products RedTeam for reporting this vulnerability.