CVE-2021-29256

HIGHCISA KEV

8.8

Beschreibung

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

CVE Details

CVSS v3.1 Bewertung8.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionNONE

Veroffentlicht5/24/2021

Zuletzt geandert11/3/2025

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerArm

ProduktMali Graphics Processing Unit (GPU)

SchwachstellennameArm Mali GPU Kernel Driver Use-After-Free Vulnerability

KEV Aufnahmedatum2023-07-07

Behebungsfrist2023-07-28

Ransomware-NutzungUnknown

Betroffene Produkte

arm:bifrost_gpu_kernel_driverarm:midgard_gpu_kernel_driverarm:valhall_gpu_kernel_driver

Schwachen (CWE)

CWE-416CWE-416

Referenzen

https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver(cve@mitre.org)

https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-29256(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.