← Voltar para CVEs
CVE-2021-29256
HIGHCISA KEV8.8
Descricao
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado5/24/2021
Ultima modificacao11/3/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorArm
ProdutoMali Graphics Processing Unit (GPU)
Nome da vulnerabilidadeArm Mali GPU Kernel Driver Use-After-Free Vulnerability
Data inclusao KEV2023-07-07
Prazo de remediacao2023-07-28
Uso em ransomwareUnknown
Produtos afetados
arm:bifrost_gpu_kernel_driverarm:midgard_gpu_kernel_driverarm:valhall_gpu_kernel_driver
Fraquezas (CWE)
CWE-416CWE-416
Referencias
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-29256(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.