CVE-2022-22706

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-22706
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://developer.arm.com/support/arm-security-updates Vendor Advisory
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver Vendor Advisory
https://developer.arm.com/support/arm-security-updates Vendor Advisory
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
History

07 Apr 2025, 13:09

Type Values Removed Values Added
First Time Arm valhall Gpu Kernel Driver
Arm midgard Gpu Kernel Driver
Arm bifrost Gpu Kernel Driver
CPE cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
CPE cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
First Time Arm valhall Gpu Kernel Driver
Arm midgard Gpu Kernel Driver
Arm bifrost Gpu Kernel Driver

14 Mar 2025, 16:50

Type Values Removed Values Added
First Time Arm bifrost
Arm valhall
Arm midgard
CPE cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*

21 Nov 2024, 06:47

Type Values Removed Values Added
References () https://developer.arm.com/support/arm-security-updates - Vendor Advisory () https://developer.arm.com/support/arm-security-updates - Vendor Advisory
References () https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver - Vendor Advisory () https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver - Vendor Advisory

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-119
Information

Published : 2022-03-03 15:15

Updated : 2025-04-07 13:09

NVD link : CVE-2022-22706

Mitre link : CVE-2022-22706

CVE.ORG link : CVE-2022-22706

JSON object : View

Products Affected

arm

  • valhall_gpu_kernel_driver
  • midgard_gpu_kernel_driver
  • bifrost_gpu_kernel_driver
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer