cve/2022/CVE-2022-38181.md

### [CVE-2022-38181](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38181)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0.

### POC

#### Reference
- http://packetstormsecurity.com/files/172854/Android-Arm-Mali-GPU-Arbitrary-Code-Execution.html
- https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/

#### Github
- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
- https://github.com/NetKingJ/awesome-android-security
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Pro-me3us/CVE_2022_38181_Gazelle
- https://github.com/Pro-me3us/CVE_2022_38181_Raven
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/xairy/linux-kernel-exploitation