Arm has issued a critical advisory for CVE-2024-4610, a security vulnerability that has been actively exploited in the wild. The flaw is a use-after-free issue in the Mali GPU Kernel Driver that poses a significant risk to affected systems. It affects the Bifrost and Valhall GPU Kernel Drivers, spanning all versions from r34p0 to r40p0.
According to Arm, this vulnerability allows a local non-privileged user to execute improper GPU memory processing operations, potentially gaining access to already freed memory. To address this issue, Arm has released an update for the Bifrost and Valhall GPU Kernel Drivers, specifically version r41p0. That version was released on November 24, 2022, while the current version of the drivers stands at r49p0, shipped in April 2024, which underscores the importance of timely updates for enhanced security.
The Hacker News has sought clarification from Arm regarding the nature of this vulnerability, inquiring whether it’s a previously known issue now assigned a new CVE identifier or a newly discovered flaw. Arm has acknowledged reports of this vulnerability being exploited in real-world attacks but has refrained from disclosing additional specifics to prevent further abuse. This caution is essential, especially considering the potential for commercial spyware vendors to weaponize such vulnerabilities for highly targeted attacks, as evidenced by the exploitation of previously disclosed zero-day flaws in Arm Mali GPUs.
Users of affected products are strongly advised to update to the appropriate version of the Bifrost and Valhall GPU Kernel Drivers to safeguard their systems against potential threats. Given the severity of this vulnerability and its active exploitation, prompt action is paramount to mitigate risks and ensure the security of GPU-equipped devices.