Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products -
- Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
- Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
"A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," the company said in an advisory last week.
The vulnerability has been addressed in Bifrost and Valhall GPU Kernel Driver r41p0. It's worth noting that this version was released in November, 2022. The current version of the drivers is r49p0, which was shipped in April 2024.
The Hacker News has reached out to Arm to clarify whether this was an old security flaw that's now being assigned a new CVE identifier or if it was newly discovered, and will update the story if we hear back.
The British semiconductor company further acknowledged reports of the shortcoming being exploited in real-world attacks, but did not disclose any additional specifics to prevent further abuse.
That said, previously disclosed zero-day flaws in Arm Mali GPU – CVE-2022-38181 and CVE-2023-4211 – have been weaponized by commercial spyware vendors for highly targeted attacks aimed at Android devices, with the exploitation of the latter linked to an Italian company named Cy4Gate.
Users of affected products are recommended to update to the appropriate version to secure against potential threats.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.