First published: Mon May 24 2021(Updated: )
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Arm Mali Graphics Processing Unit (GPU) | ||
Google Android | ||
Arm Bifrost | >=r16p0-01eac0<r30p0-01eac0 | |
Arm Midgard | >=r28p0-01eac0<=r30p0-01eac0 | |
Arm Valhall | >=r19p0-01eac0<r30p0-01eac0 |
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-29256 is a use-after-free vulnerability in the Arm Mali GPU Kernel Driver that could allow a non-privileged user to gain root privileges and/or disclose information.
The vulnerability affects devices using the Arm Mali Graphics Processing Unit (GPU) and Google Android.
CVE-2021-29256 has a high severity level with a CVSS score of 7.
The vulnerability can be exploited by a non-privileged user to gain root privilege and/or disclose information.
You should update your Arm Mali GPU Kernel Driver to the latest version available and install any relevant patches provided by your device manufacturer.