Vulnerability Description
. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arm | Bifrost Gpu Kernel Driver | >= r16p0, < r30p0 |
| Arm | Midgard Gpu Kernel Driver | >= r28p0, < r31p0 |
| Arm | Valhall Gpu Kernel Driver | >= r19p0, < r30p0 |
Related Weaknesses (CWE)
References
- https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driverVendor Advisory
- https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driverVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-US Government Resource
FAQ
What is CVE-2021-29256?
CVE-2021-29256 is a vulnerability with a CVSS score of 8.8 (HIGH). . The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0...
How severe is CVE-2021-29256?
CVE-2021-29256 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-29256?
Check the references section above for vendor advisories and patch information. Affected products include: Arm Bifrost Gpu Kernel Driver, Arm Midgard Gpu Kernel Driver, Arm Valhall Gpu Kernel Driver.