Use-after-free in ARM products - CVE-2022-38181
Published: March 30, 2023 / Updated: January 15, 2024
Vulnerability identifier: #VU74191
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2022-38181
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: ARM
Affected software:
Midgard GPU Kernel Driver
Bifrost GPU Kernel Driver
Valhall GPU Kernel Driver
Midgard GPU Kernel Driver
Bifrost GPU Kernel Driver
Valhall GPU Kernel Driver
Detailed vulnerability description
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
Note, this vulnerability is known to be exploited in targeted attacks spotted in November 2022.
How to mitigate CVE-2022-38181
Install updates from vendor's website.
Sources
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
- https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/
- https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/