CyberInsider

Reliable cybersecurity news and resources

General

Guides

About

Cyber Insider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Mali GPU Kernel Driver Vulnerability Actively Exploited in the Wild

By Leave a Comment
Mali GPU Kernel Driver Vulnerability Actively Exploited in the Wild

Arm disclosed a critical vulnerability in its Mali GPU Kernel Drivers, identified as CVE-2024-4610. This flaw affects Bifrost and Valhall GPU Kernel Drivers in versions ranging from r34p0 to r40p0.

The vulnerability permits local non-privileged users to perform improper GPU memory processing operations, potentially allowing them to access already freed memory, which can lead to serious security breaches.

The flaw in question lies in how the Mali GPU Kernel Drivers handle memory processing. Specifically, it allows attackers to manipulate GPU memory, gaining unauthorized access to freed memory blocks. This can lead to severe consequences, such as data leakage, privilege escalation, and system instability. Accessing freed memory can expose sensitive information that was previously stored there, making it a prime target for malicious actors.

This vulnerability is particularly concerning given the widespread use of Mali GPU Kernel Drivers. These drivers are integral to the functionality of numerous devices, including popular smartphones and tablets from major manufacturers like Samsung in the Galaxy series.

Arm has acknowledged reports of active exploitation of CVE-2024-4610 in the wild, emphasizing the urgency for users to update their systems. The company has released a fix in the latest driver versions, r41p0, for both Bifrost and Valhall GPUs. Users are strongly urged to apply these updates promptly to mitigate the risk of exploitation.

However, it might be a while until those fixes are incorporated into security updates for your device. Arm distributes these critical patches to device manufacturers and Google for integration into Android security updates.

The actual delivery of these fixes to end-users depends on the device vendors' update schedules and processes. As a result, the availability of these security patches may vary, potentially causing delays for users depending on their specific device model and the efficiency of their manufacturer's update roll-out.

About Alex Lekander

Alex is the founder and Editor-in-Chief of CyberInsider.com. His background and expertise includes digital privacy, security, and tech journalism. When he’s not working behind a screen, Alex is probably tinkering with a boat or enjoying the outdoors.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *