KEVIntel
Back to KEVs
8.8
CVSS
High

CVE-2021-29256

PUBLISHED

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege...

Exploited in the wild Remote Low complexity No user interaction
Vendor
Arm
Product
Mali GPU kernel driver
Published
May 24, 2021
EPSS

Description

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure or root privilege escalation. This affects Bifrost r16p0 through r29p0 before r30p0, Valhall r19p0 through r29p0 before r30p0, and Midgard r28p0 through r30p0.

cisa nessus_scanner

CVSS scores

CVSS v3.1 8.8 High

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 9.0

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2023-07-07 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
No
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Jul 07, 2023

Scanner integrations

Scanner Reference Detected
Nessus https://www.tenable.com/plugins/nessus/178128 Jun 02, 2025

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nessus