ByteOS Network

NVD Vulnerability Details :

CVE-2021-29256

Analyzed

Known KEV

More Info Official Page

Source-cve@mitre.org

View Known Exploited Vulnerability (KEV) details

Published At-24 May, 2021 | 18:15

Updated At-07 Apr, 2025 | 13:08

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

CISA Catalog

Date Added	Due Date	Vulnerability Name	Required Action
2023-07-07	2023-07-28	Arm Mali GPU Kernel Driver Use-After-Free Vulnerability	Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C

CPE Matches

Arm Limited

>>bifrost_gpu_kernel_driver>>Versions from r16p0(inclusive) to r30p0(exclusive)

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*:*

Arm Limited

>>midgard_gpu_kernel_driver>>Versions from r28p0(inclusive) to r31p0(exclusive)

cpe:2.3:a:arm:midgard_gpu_kernel_driver:*:*:*:*:*:*:*:*

Arm Limited

>>valhall_gpu_kernel_driver>>Versions from r19p0(inclusive) to r30p0(exclusive)

cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-416	Primary	nvd@nist.gov
CWE-416	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver	cve@mitre.org	Vendor Advisory
https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History