OpenCVE

The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Arm	Bifrost Gpu Kernel Driver Midgard Gpu Kernel Driver Valhall Gpu Kernel Driver

Configuration 1 [-]

OR	cpe:2.3:a:arm:bifrost_gpu_kernel_driver::::::::
	cpe:2.3:a:arm:midgard_gpu_kernel_driver::::::::
	cpe:2.3:a:arm:valhall_gpu_kernel_driver::::::::

No data.

References

Link	Providers
https://developer.arm.com/support/arm-security-updates
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
https://github.com/lntrx/CVE-2021-28663

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-10T00:00:00

Updated: 2024-08-03T21:47:33.122Z

Reserved: 2021-03-18T00:00:00

Link: CVE-2021-28663

Vulnrichment

Updated: 2024-08-03T21:47:33.122Z

NVD

Status : Analyzed

Published: 2021-05-10T15:15:07.557

Modified: 2024-08-13T19:45:46.977

Link: CVE-2021-28663

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-28663", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-03T21:47:33.122Z", "dateReserved": "2021-03-18T00:00:00", "datePublished": "2021-05-10T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-23T00:00:00"}, "descriptions": [{"lang": "en", "value": "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://developer.arm.com/support/arm-security-updates"}, {"url": "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver"}, {"url": "https://github.com/lntrx/CVE-2021-28663"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-416", "lang": "en", "description": "CWE-416 Use After Free"}]}], "affected": [{"vendor": "arm", "product": "bifrost_gpu_kernel_driver", "cpes": ["cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "r28p0", "versionType": "custom"}]}, {"vendor": "arm", "product": "valhall_gpu_kernel_driver", "cpes": ["cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "r28p0", "versionType": "custom"}]}, {"vendor": "arm", "product": "midgard_gpu_kernel_driver", "cpes": ["cpe:2.3:a:arm:midgard_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "r30p0", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-24T20:58:41.342252Z", "id": "CVE-2021-28663", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-28663"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T21:02:17.628Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:47:33.122Z"}, "title": "CVE Program Container", "references": [{"url": "https://developer.arm.com/support/arm-security-updates", "tags": ["x_transferred"]}, {"url": "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", "tags": ["x_transferred"]}, {"url": "https://github.com/lntrx/CVE-2021-28663", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://developer.arm.com/support/arm-security-updates", "tags": ["x_transferred"]}, {"url": "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver", "tags": ["x_transferred"]}, {"url": "https://github.com/lntrx/CVE-2021-28663", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T21:47:33.122Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-28663", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-24T20:58:41.342252Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-28663"}}}], "affected": [{"cpes": ["cpe:2.3:a:arm:bifrost_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "vendor": "arm", "product": "bifrost_gpu_kernel_driver", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "r28p0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:arm:valhall_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "vendor": "arm", "product": "valhall_gpu_kernel_driver", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "r28p0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:arm:midgard_gpu_kernel_driver:-:*:*:*:*:*:*:*"], "vendor": "arm", "product": "midgard_gpu_kernel_driver", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "r30p0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T21:01:38.592Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://developer.arm.com/support/arm-security-updates"}, {"url": "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver"}, {"url": "https://github.com/lntrx/CVE-2021-28663"}], "descriptions": [{"lang": "en", "value": "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-23T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2021-28663", "state": "PUBLISHED", "dateUpdated": "2024-08-03T21:47:33.122Z", "dateReserved": "2021-03-18T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2021-05-10T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2021-11-17", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4A585CF-8557-4660-BD0B-EAE94D1BF8A2", "versionEndExcluding": "r29p0", "versionStartIncluding": "r0p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E1FE39A-BD55-4C5F-BBAA-1138340F8329", "versionEndExcluding": "r31p0", "versionStartIncluding": "r4p0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA218DCD-3CAF-4A64-BE97-F7E4916D9C6F", "versionEndExcluding": "r29p0", "versionStartIncluding": "r19p0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0."}, {"lang": "es", "value": "El controlador del kernel de Arm Mali GPU, permite una escalada de privilegios o una divulgaci\u00f3n de informaci\u00f3n porque las operaciones de la memoria de la GPU son manejadas inapropiadamente, conllevando a un uso de la memoria previamente liberada. Esto afecta a Bifrost versiones r0p0 hasta r28p0, anteriores a r29p0, Valhall versiones r19p0 hasta r28p0 anteriores a r29p0 y Midgard versiones r4p0 hasta r30p0"}], "id": "CVE-2021-28663", "lastModified": "2024-08-13T19:45:46.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-05-10T15:15:07.557", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/lntrx/CVE-2021-28663"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-416"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}