Vulnerability intelligence

CVE-2022-38181

Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

Arm Mali Graphics Processing Unit (GPU)

Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that may allow a non-privileged user to gain root privilege and/or disclose information.

CVSS Score

8.8

High

EPSS — Exploit Probability

0.0%

Riskier than 0% of all CVEs

Exploitation

Confirmed in the wild

Used in ransomware campaigns

Remediation

Patch available

Federal deadline 2023-04-20

CISA required action

Apply updates per vendor instructions. Deadline for federal agencies: 2023-04-20.

NVD entry Vendor patch PoC / advisory CISA KEV

1 article across 1 outlet · first covered May 3, 2026 · latest May 3, 2026

Coverage timeline

Spyware vendors use 0-days and n-days against popular platforms
blog.google · May 3, 2026