What is CVE-2022-42716?

CVE-2022-42716 is a vulnerability in the Arm Mali GPU Kernel Driver that allows a non-privileged user to gain access to already freed memory through improper GPU processing operations.

How does CVE-2022-42716 affect Arm Bifrost Gpu Kernel Driver?

CVE-2022-42716 affects the Arm Bifrost Gpu Kernel Driver versions r1p0 through r40P0.

How does CVE-2022-42716 affect Arm Midguard Gpu Kernel Driver?

CVE-2022-42716 affects the Arm Midguard Gpu Kernel Driver versions r4p0 through r32p0.

How does CVE-2022-42716 affect Arm Valhall Gpu Kernel Driver?

CVE-2022-42716 affects the Arm Valhall Gpu Kernel Driver versions r19p0 through r40P0.

How severe is CVE-2022-42716?

CVE-2022-42716 has a severity rating of 8.8 (high).

Are there any references related to CVE-2022-42716?

Yes, there are references available for CVE-2022-42716. You can find them at the following links: [Packet Storm Security](http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html), [Arm Security Center](https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities), [Android Security Bulletin](https://source.android.com/docs/security/bulletin/2023-04-01/#asterisk).

Vulnerability/
CVE-2022-42716

high

8.8

CWE

416

12/12/2022

15/10/2024

CVE-2022-42716: Use After Free

First published: Mon Dec 12 2022(Updated: )

An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Arm Bifrost Gpu Kernel Driver	>=r1p0<=r40p0
Arm Midguard Gpu Kernel Driver	>=r4p0<=r32p0
Arm Valhall Gpu Kernel Driver	>=r19p0<=r40p0
Arm Valhall Gpu Kernel Driver	>=r29p0<=r40p0
Google Android

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-42716?
CVE-2022-42716 is a vulnerability in the Arm Mali GPU Kernel Driver that allows a non-privileged user to gain access to already freed memory through improper GPU processing operations.
How does CVE-2022-42716 affect Arm Bifrost Gpu Kernel Driver?
CVE-2022-42716 affects the Arm Bifrost Gpu Kernel Driver versions r1p0 through r40P0.
How does CVE-2022-42716 affect Arm Midguard Gpu Kernel Driver?
CVE-2022-42716 affects the Arm Midguard Gpu Kernel Driver versions r4p0 through r32p0.
How does CVE-2022-42716 affect Arm Valhall Gpu Kernel Driver?
CVE-2022-42716 affects the Arm Valhall Gpu Kernel Driver versions r19p0 through r40P0.
How severe is CVE-2022-42716?
CVE-2022-42716 has a severity rating of 8.8 (high).
Are there any references related to CVE-2022-42716?
Yes, there are references available for CVE-2022-42716. You can find them at the following links: [Packet Storm Security](http://packetstormsecurity.com/files/170420/Arm-Mali-CSF-KBASE_REG_NO_USER_FREE-Unsafe-Use-Use-After-Free.html), [Arm Security Center](https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities), [Android Security Bulletin](https://source.android.com/docs/security/bulletin/2023-04-01/#asterisk).

collector/nvd-index
agent/references
agent/author
agent/type
collector/android-source
source/Android
agent/software-canonical-lookup
agent/weakness
agent/severity
agent/softwarecombine
agent/description
agent/tags
agent/first-publish-date
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
vendor/arm
canonical/arm bifrost gpu kernel driver
version/arm bifrost gpu kernel driver/r1p0
version/arm bifrost gpu kernel driver/r40p0
canonical/arm midguard gpu kernel driver
version/arm midguard gpu kernel driver/r4p0
version/arm midguard gpu kernel driver/r32p0
canonical/arm valhall gpu kernel driver
version/arm valhall gpu kernel driver/r19p0
version/arm valhall gpu kernel driver/r40p0
vendor/google
canonical/google android
version/arm valhall gpu kernel driver/r29p0