#VU74191 Use-after-free in ARM products - CVE-2022-38181
Published: March 30, 2023 / Updated: January 15, 2024
Vulnerability identifier: #VU74191
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2022-38181
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
The vulnerability is being exploited in the wild
Vulnerable software:
Midgard GPU Kernel Driver
Bifrost GPU Kernel Driver
Valhall GPU Kernel Driver
Midgard GPU Kernel Driver
Bifrost GPU Kernel Driver
Valhall GPU Kernel Driver
Software vendor:
ARM
ARM
Description
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
Note, this vulnerability is known to be exploited in targeted attacks spotted in November 2022.
Remediation
Install updates from vendor's website.
External links
- https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
- https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
- https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/
- https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/