Arm, a leader in semiconductor technology, has recently disclosed a series of critical vulnerabilities affecting its Mali GPU kernel drivers and firmware. These flaws impact various GPU architectures, including Bifrost, Valhall, and the Arm 5th Gen GPU Architecture, posing significant security risks to users of devices powered by these components. Among the disclosed issues, CVE-2024-4610 stands out as it has already been exploited in real-world attacks, highlighting the urgency for affected users to update their systems immediately. This vulnerability allows attackers to access freed memory, potentially enabling further exploitation or system compromise.
The vulnerabilities span a range of issues, including improper GPU memory processing, which can lead to system crashes, privilege escalation, or information leakage.
Specifically, CVE-2024-4610 affects versions r34p0 to r40p0 of the Bifrost and Valhall GPU kernel drivers, allowing local, non-privileged attackers to perform unauthorized memory operations. Arm has released updates addressing this flaw and others, urging all impacted users to upgrade their drivers to versions r41p0 and newer. These updates are essential for minimizing exposure to the vulnerabilities and preventing exploitation.
In addition to CVE-2024-4610, Arm disclosed several other security flaws that affect both Mali GPU kernel drivers and firmware components. These flaws range in severity and include the potential for full system memory access, as seen with CVE-2024-0153. Attackers exploiting these vulnerabilities could manipulate GPU processing operations or even trigger system crashes, especially when vulnerabilities are exploited via local user processes or web-based technologies like WebGL or WebGPU. For users and developers, upgrading to the latest driver and firmware versions is critical to mitigating these risks.
To address the vulnerabilities, Arm has provided clear guidance on which versions of drivers and firmware need to be updated. For Valhall and Arm 5th Gen GPU drivers, users should upgrade to versions r49p2, r52p0, or later, while Bifrost drivers should be updated to version r49p1 or newer. Firmware updates are also necessary, with the recommended version being r47p0 or later. Arm’s proactive disclosure underscores the importance of maintaining up-to-date software and hardware, especially for systems using Mali GPUs in consumer devices like smartphones and tablets. Users, developers, and device manufacturers must apply these patches promptly to protect against potential exploitation.
