CVE-2022-22706
Published: 03 March 2022
Summary
CVE-2022-22706 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Arm Bifrost Gpu Kernel Driver. Its CVSS base score is 7.8 (High).
Operationally, ranked at the 26.1th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-16 (Memory Protection).
Deeper analysis
CVE-2022-22706 is a vulnerability in the Arm Mali GPU Kernel Driver that permits a non-privileged user to gain write access to read-only memory pages. It affects Midgard GPU kernel drivers from r26p0 through r31p0, Bifrost drivers from r0p0 through r35p0, and Valhall drivers from r19p0 through r35p0. The flaw carries a CVSS 3.1 base score of 7.8 and is categorized under CWE-119.
A local attacker with a low-privileged account on an affected system can exploit the issue to corrupt memory protections, potentially leading to full confidentiality, integrity, and availability impacts without user interaction.
Arm has published security updates addressing the Mali GPU kernel driver on its developer portal, and administrators should apply the vendor-supplied patches for the listed GPU families. The vulnerability also appears in CISA’s catalog of known exploited vulnerabilities.
EPSS for the CVE rose sharply from a low baseline to a peak of 0.8356 on 2023-07-05 before receding to its current value of 0.0009, indicating a period of heightened post-disclosure exploitation interest that warrants renewed attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-27849
Vulnerability details
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.
- CWE(s)
- KEV Date Added
- 30 March 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly implements hardware/software memory protection mechanisms that block unauthorized writes to read-only pages, exactly countering the Mali driver flaw.
Enforces access control policy on memory objects so that low-privileged processes cannot obtain write access to read-only GPU pages.
Restricts privileges granted to user processes and kernel drivers, limiting the attack surface that the Mali vulnerability exploits.