CVE-2022-22706

Publication date 3 March 2022

Last updated 25 August 2025

Ubuntu priority

Cvss 3 Severity Score

Description

Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
mali-midgard-dkms	16.04 LTS xenial	Ignored end of standard support
mali-midgard-dkms	14.04 LTS trusty	Ignored end of standard support

How can I get the fixes?
What do statuses mean?

Severity score breakdown

Parameter	Value
Base score	7.8 · High
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

MITRE
NVD
Launchpad
Debian

Other references

https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
https://developer.arm.com/support/arm-security-updates
https://www.cve.org/CVERecord?id=CVE-2022-22706
https://www.cisa.gov/known-exploited-vulnerabilities-catalog