Arm Mali CSF KBASE_REG_NO_USER_FREE Unsafe Use Use-After-Free
The Mali driver tries to use the KBASE_REG_NO_USER_FREE flag to ensure
that the memory region referenced by kbase_csf_tiler_heap::buf_desc_reg
cannot be freed by userspace. However, this flag is only a single bit, and there can be multiple tiler heaps referencing the same memory region. This
can lead to a use-after-free condition.
https://packetstormsecurity.com/files/170420/GS20230110134636.tgz
Tue, 10 Jan 2023 13:48:02 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com