CVE-2022-38181

Description from NVD

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

Information Acquisition Date:2023-01-24T14:44Z

CVSS 2.0: 0.0 None CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

NVD References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
source:MISC
tags:Vendor Advisory

https://developer.arm.com/support/arm-security-updates
source:MISC
tags:Vendor Advisory

https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
source:MISC
tags:

https://securitylab.github.com/advisories/GHSL-2022-054_Arm_Mali/
source:MISC
tags:

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Android(4 tweets) Linux(1 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://github.blog/2023-01-23-pwning-the-all-google-phone-...	6

▼ Show Information from Twitter(32)

User	URL	Info Source	Date
GHSecurityLab	https://securitylab.github.com/advisories/GHSL-2022-054_Arm...	Source GHSecurityLab 1617511719944732672	2023/01/23
CKsTechNews	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source CKsTechNews 1617554633055944712	2023/01/24
CKsTechNews	https://twitter.com/CKsTechNews/status/1617554633055944712/...	Source CKsTechNews 1617554633055944712	2023/01/24
0xdea	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source 0xdea 1617557207167664130	2023/01/24
mmolgtm	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source mmolgtm 1617570652390854658	2023/01/24
ipssignatures	https://twitter.com/search?src=sprv&q=CVE-2022-38181	Source ipssignatures 1617583947826724871	2023/01/24
ipssignatures	https://twitter.com/mmolgtm/status/1617570652390854658	Source ipssignatures 1617583948699209729	2023/01/24
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-38181	Source threatintelctr 1617589723672739847	2023/01/24
ColorTokensInc	https://xcloud.spectrum.colortokens.com/cve/CVE-2022-38181	Source ColorTokensInc 1617589752055595008	2023/01/24
Din3zh	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source Din3zh 1617644377391894533	2023/01/24
DCWebGuy	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source DCWebGuy 1617716608935559170	2023/01/24
EurekaBerry	https://github.blog/2023-01-23-pwning-the-all-google-phone-...	Source EurekaBerry 1617727655054544896	2023/01/24
the_yellow_fall	https://securityonline.info/poc-code-for-arm-mali-gpu-kerne...	Source the_yellow_fall 1617837088304467969	2023/01/24
AcooEdi	http://dlvr.it/ShM9BN	Source AcooEdi 1617838512174403584	2023/01/24
Komodosec	https://securityonline.info/poc-code-for-arm-mali-gpu-kerne...	Source Komodosec 1617839642975559680	2023/01/24
FilipiPires	https://ift.tt/BU5iSJK	Source FilipiPires 1617848756258340865	2023/01/24
Dinosn	https://securityonline.info/poc-code-for-arm-mali-gpu-kerne...	Source Dinosn 1617871384381911040	2023/01/24
ColorTokensInc	https://xcloud.spectrum.colortokens.com/cve/CVE-2022-38181	Source ColorTokensInc 1617871412487651336	2023/01/24
DragonJAR	https://djar.me/zr9I	Source DragonJAR 1617871475524132866	2023/01/24
DragonJAR	https://twitter.com/DragonJAR/status/1617871475524132866/ph...	Source DragonJAR 1617871475524132866	2023/01/24
SyntifyLtd	https://securityonline.info/poc-code-for-arm-mali-gpu-kerne...	Source SyntifyLtd 1617876462681591809	2023/01/24
CVEtrends	https://cvetrends.com	Source CVEtrends 1617884939885899782	2023/01/24
PentestingN	https://securityonline.info/poc-code-for-arm-mali-gpu-kerne...	Source PentestingN 1617887515666485248	2023/01/24
Har_sia	https://har-sia.info/CVE-2022-38181.html	Source Har_sia 1617901266415529993	2023/01/25
Har_sia	https://har-sia.info/CVE-2022-38181.html	Source Har_sia 1618142898125668355	2023/01/25
__kokumoto	https://www.securityweek.com/arm-vulnerability-leads-to-cod...	Source __kokumoto 1618258055770308608	2023/01/25
IT_news_for_all	https://t.me/s/it_news_for_all/67754	Source IT_news_for_all 1618275079699271680	2023/01/26
IT_news_for_all	https://twitter.com/IT_news_for_all/status/1618275079699271...	Source IT_news_for_all 1618275079699271680	2023/01/26
iicsorg	https://www.cibertip.com/hack-celulares/codigo-poc-para-la-...	Source iicsorg 1618373366767030287	2023/01/26
iicsorg	https://twitter.com/iicsorg/status/1618373366767030287/photo/1	Source iicsorg 1618373366767030287	2023/01/26
ksg93rd	https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthen...	Source ksg93rd 1618444286546284544	2023/01/26
IT_news_for_all	https://t.me/s/it_news_for_all/67842	Source IT_news_for_all 1618752724471775232	2023/01/27

List of frequently cited URLs

URL	Num of Times Referred to
github.blog	6

▼ Show Information from Twitter(32)

User	URL	Info Source
GHSecurityLab	securitylab.github.com	Show Tweet
CKsTechNews	github.blog	Show Tweet
CKsTechNews	twitter.com	Show Tweet
0xdea	github.blog	Show Tweet
mmolgtm	github.blog	Show Tweet
ipssignatures	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
Din3zh	github.blog	Show Tweet
DCWebGuy	github.blog	Show Tweet
EurekaBerry	github.blog	Show Tweet
the_yellow_fall	securityonline.info	Show Tweet
AcooEdi	dlvr.it	Show Tweet
Komodosec	securityonline.info	Show Tweet
FilipiPires	ift.tt	Show Tweet
Dinosn	securityonline.info	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
DragonJAR	djar.me	Show Tweet
DragonJAR	twitter.com	Show Tweet
SyntifyLtd	securityonline.info	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
PentestingN	securityonline.info	Show Tweet
Har_sia	har-sia.info	Show Tweet
Har_sia	har-sia.info	Show Tweet
__kokumoto	securityweek.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	twitter.com	Show Tweet
iicsorg	cibertip.com	Show Tweet
iicsorg	twitter.com	Show Tweet
ksg93rd	sysdig.com	Show Tweet
IT_news_for_all	t.me	Show Tweet

GitHub Search Results: Up to 10

Name	URL
Live-Hack-CVE/CVE-2022-38181	https://github.com/Live-Hack-CVE/CVE-2022-38181

GitHub Search Results: Up to 10

Name	URL
Live-Hack-CVE/CVE-2022-38181	github.com

2023/01/27 Score : 0
Added Har-sia Database : 2022/10/26
Last Modified : 2023/01/27
Highest Scored Date : 2023/01/24
Highest Score : 24