CVE-2022-22706

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-22706
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://developer.arm.com/support/arm-security-updates Vendor Advisory
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver Vendor Advisory
https://developer.arm.com/support/arm-security-updates Vendor Advisory
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
History

07 Apr 2025, 13:09

Type Values Removed Values Added
CPE cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*
First Time Arm valhall Gpu Kernel Driver
Arm midgard Gpu Kernel Driver
Arm bifrost Gpu Kernel Driver
First Time Arm valhall Gpu Kernel Driver
Arm midgard Gpu Kernel Driver
Arm bifrost Gpu Kernel Driver
CPE cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*

14 Mar 2025, 16:50

Type Values Removed Values Added
First Time Arm bifrost
Arm valhall
Arm midgard
CPE cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*		 cpe:2.3:a:arm:valhall:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:bifrost:*:*:*:*:*:*:*:*
cpe:2.3:a:arm:midgard:*:*:*:*:*:*:*:*

21 Nov 2024, 06:47

Type Values Removed Values Added
References () https://developer.arm.com/support/arm-security-updates - Vendor Advisory () https://developer.arm.com/support/arm-security-updates - Vendor Advisory
References () https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver - Vendor Advisory () https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver - Vendor Advisory

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-119
Information

Published : 2022-03-03 15:15

Updated : 2025-04-07 13:09

NVD link : CVE-2022-22706

Mitre link : CVE-2022-22706

CVE.ORG link : CVE-2022-22706

JSON object : View

Products Affected

arm

  • bifrost_gpu_kernel_driver
  • midgard_gpu_kernel_driver
  • valhall_gpu_kernel_driver
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer