First published: Thu May 19 2022(Updated: )
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Arm Bifrost Gpu Kernel Driver | >=r17p0<=r23p0 | |
Arm Midguard Gpu Kernel Driver | >=r28p0<=r29p0 | |
Arm Valhall Gpu Kernel Driver | >=r19p0<=r23p0 | |
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-28349 is a vulnerability in Arm Mali GPU Kernel Driver that allows for use-after-free.
Arm Bifrost Gpu Kernel Driver versions r17p0 through r23p0 are affected by CVE-2022-28349.
Arm Midguard Gpu Kernel Driver versions r28p0 through r29p0 are affected by CVE-2022-28349.
Arm Valhall Gpu Kernel Driver versions r19p0 through r23p0 are affected by CVE-2022-28349.
CVE-2022-28349 has a severity rating of 9.8 (Critical).
You can find more information about CVE-2022-28349 at the following references: [Arm Security Center](https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities), [Arm Security Updates](https://developer.arm.com/support/arm-security-updates), [Android Security Bulletin](https://source.android.com/docs/security/bulletin/2023-06-01/#asterisk).
To fix CVE-2022-28349, it is recommended to apply the latest security updates provided by Arm and Android.