Arm has issued a security advisory highlighting an actively exploited vulnerability affecting Mali GPU drivers, known as CVE-2023-4211. Google’s Threat Analysis Group (TAG) and Project Zero discovered and reported this flaw to Arm.
While specific details are not disclosed publicly, the vulnerability relates to improper access to freed memory, posing risks of compromising or manipulating sensitive data. Arm’s advisory indicates that a local non-privileged user can misuse GPU memory processing operations to gain access to already freed memory.
The vulnerability affects Mali GPU driver versions for the Midgard, Bifrost, Valhall, and Arm 5th Gen GPU architectures, with affected versions dating back to their introduction in 2013, 2016, and 2019. Popular devices like the Samsung Galaxy S20/S20 FE and Xiaomi Redmi K30/K40 use the Valhall architecture.
Arm has addressed the issue for the Bifrost, Valhall, and Arm 5th Gen GPU architectures in kernel driver version r43p0. However, Midgard, which is no longer supported, may not receive a patch for CVE-2023-4211.
Arm also disclosed two other vulnerabilities, CVE-2023-33200 and CVE-2023-34970, which affect Bifrost, Valhall, and Arm’s 5th Gen GPU architecture kernel driver versions up to r44p0. The recommended upgrade targets for addressing these vulnerabilities are r44p1 and r45p0, released on September 15, 2023.
All three vulnerabilities are exploitable by attackers with local access to the device, typically achieved through tricking users into downloading applications from unofficial repositories. The availability of patches for affected devices will depend on how quickly device makers and vendors can integrate them into reliable updates.
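For defenders auditing a device fleet, the fixed driver versions above can be turned into a simple exposure check. The following is an added example, not code from Arm or from the advisory; the function names, the inventory format, and the handling of a build suffix are assumptions, and because the text gives no lower bounds, every release before a fix is treated as affected.

```python
import re

# Values below come from the advisory summary; lower bounds are not given
# there, so every release before a fix is treated as affected (assumption).
PATCHED_ARCHS = {"bifrost", "valhall", "arm 5th gen"}
FIXED_4211 = (43, 0)            # r43p0 addresses CVE-2023-4211
LAST_AFFECTED_OTHERS = (44, 0)  # CVE-2023-33200/-34970 affect up to r44p0

# "r<release>p<patch>", optionally followed by a build suffix that is ignored
# (suffix handling is an assumption of this example).
_VERSION = re.compile(r"^r(\d+)p(\d+)(?:-\w+)?$")


def parse_version(text):
    """Turn 'r43p0' into (43, 0) so releases compare numerically."""
    match = _VERSION.match(text.strip().lower())
    if match is None:
        raise ValueError(f"not a Mali driver version: {text!r}")
    return int(match.group(1)), int(match.group(2))


def exposure(arch, version):
    """Return the CVE ids from the advisory that still apply."""
    arch = arch.strip().lower()
    release = parse_version(version)
    if arch == "midgard":
        # Unsupported: no fixed release is named for CVE-2023-4211.
        return ["CVE-2023-4211"]
    if arch not in PATCHED_ARCHS:
        raise ValueError(f"unknown architecture: {arch!r}")
    cves = []
    if release < FIXED_4211:
        cves.append("CVE-2023-4211")
    if release <= LAST_AFFECTED_OTHERS:
        cves += ["CVE-2023-33200", "CVE-2023-34970"]
    return cves


def triage(inventory):
    """Map each device name to its outstanding CVEs."""
    return {name: exposure(arch, ver) for name, arch, ver in inventory}


if __name__ == "__main__":
    # Constructed inventory; device names and versions are made up.
    fleet = [("phone-a", "Valhall", "r38p1"), ("phone-b", "Bifrost", "r44p1"),
             ("tablet-c", "Midgard", "r32p0")]
    for device, cves in triage(fleet).items():
        print(device, "needs update:" if cves else "ok", ", ".join(cves))
```

Parsing the version into a numeric tuple matters: a plain string comparison would rank `r9p0` above `r43p0` and report an old driver as patched.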