CyberSec.Space Logo
Back to CVE Browser

CVE-2021-28663

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score90.3970%
EPSS Percentile86.01th
PublishedMay 10, 2021
Last ModifiedNov 3, 2025

Vulnerability Description

The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0.

Affected Platforms (CPE)

πŸ“¦
Arm

Bifrost Gpu Kernel Driver

>= r0p0 and < r29p0
πŸ“¦
Arm

Midgard Gpu Kernel Driver

>= r4p0 and < r31p0
πŸ“¦
Arm

Valhall Gpu Kernel Driver

>= r19p0 and < r29p0

References & Advisories

πŸ”— https://developer.arm.com/support/arm-security-updates
πŸ”— https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
πŸ”— https://github.com/lntrx/CVE-2021-28663
πŸ”— https://developer.arm.com/support/arm-security-updates
πŸ”— https://developer.arm.com/support/arm-security-updates/mali-gpu-kernel-driver
πŸ”— https://github.com/lntrx/CVE-2021-28663
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-28663

Related Vulnerabilities

CVE-2021-286648.8

The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user...

CVE-2021-292568.8

. The Arm Mali GPU kernel driver allows an unprivileged user to achieve access to freed memory, leading to information disclosure ...

CVE-2021-448287.8

Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall r19p0 through r34p0) allows a non...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...