Arm Mali GPU Kernel Driver Unspecified Vulnerability (CVE-2022-22706)

A local attacker, with a low-privilege account, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2023-04-20 under CISA BOD 22-01.

This is a Buffer Overflow (CWE-119) vulnerability in Arm Mali Graphics Processing Unit (GPU). Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0. Exploitation requires local access, low attack complexity, a low-privilege authenticated account, and no user interaction required.

Probably yes if any of these apply:

CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2023-03-30 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2023-04-20.