Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arm vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-44828
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non-privileged user to achieve write access to read-only memory, and possibly obtain root privileges, corrupt memory, and modify the memory of other proc...
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm Midgard Gpu Kernel Driver
8.8
CVSSv3
CVE-2021-28663
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through...
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm Midgard Gpu Kernel Driver
1 Github repository
4.7
CVSSv3
CVE-2023-33200
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.
Arm Mali Gpu Kernel Driver
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
9.8
CVSSv3
CVE-2022-28349
Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through r29p0 before r30p0, Bifrost r17p0 through r23p0 before r24p0, and Valhall r19p0 through r23p0 before r24p0.
Arm Midguard Gpu Kernel Driver
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
8.1
CVSSv3
CVE-2016-10629
nw-with-arm is a NW Installer including ARM-Build. nw-with-arm downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the ...
Nw-with-arm Project Nw-with-arm
3.3
CVSSv3
CVE-2023-22808
An issue exists in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0.
Arm Bifrost Android Gralloc Module
Arm Valhall Android Gralloc Module
Arm Avalon Android Gralloc Module R41p0
7.8
CVSSv3
CVE-2023-5427
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory.This issue...
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm 5th Gen Gpu Architecture Kernel Driver
7.8
CVSSv3
CVE-2023-5643
Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of th...
Arm 5th Gen Gpu Architecture Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm Bifrost Gpu Kernel Driver
7.5
CVSSv3
CVE-2019-17210
A denial-of-service issue exists in the MQTT library in Arm Mbed OS 2017-11-02. The function readMQTTLenString() is called by the function MQTTDeserialize_publish() to get the length and content of the MQTT topic name. In the function readMQTTLenString(), mqttstring->lenstring...
Arm Mbed-mqtt 2017-11-02
Arm Mbed-os -
5.5
CVSSv3
CVE-2023-34320
Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Regis...
Arm Cortex-a77 Firmware R0p0
Arm Cortex-a77 Firmware R1p0
Xen Xen
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »