CVE-2021-28663
Published: 10 May 2021
Summary
CVE-2021-28663 is a high-severity Use After Free (CWE-416) vulnerability in Arm Bifrost Gpu Kernel Driver. Its CVSS base score is 8.8 (High).
Operationally, ranked in the top 11.9% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).
Deeper analysis
The vulnerability CVE-2021-28663 is a use-after-free flaw (CWE-416) in the Arm Mali GPU kernel driver stemming from mishandled GPU memory operations. It affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0, and carries a CVSS 3.1 score of 8.8.
An attacker with low privileges can exploit the issue over a network to obtain privilege escalation or information disclosure with high impact to confidentiality, integrity, and availability.
Arm security updates direct users to the Mali GPU kernel driver advisory pages for patches that resolve the affected versions by advancing to r29p0 or later releases as appropriate.
A public reference implementation is available on GitHub, though no details on in-the-wild exploitation are provided in the source material.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-15327
Vulnerability details
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through…
more
r30p0.
- CWE(s)
- KEV Date Added
- 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely installation of the vendor-supplied Mali GPU driver patches that advance affected Bifrost/Valhall/Midgard versions to r29p0+ and eliminate the use-after-free.
Enforces memory-protection mechanisms that can block or contain the use-after-free condition arising from mishandled GPU memory operations in the kernel driver.
Limits the initial low-privilege context an attacker must obtain before the GPU driver flaw can be reached, thereby reducing the chance of successful privilege escalation.