Mali GPU Kernel Driver allows improper GPU memory processing operations
CVE-2023-6241

7 HIGH

Key Information:

Vendor: Arm Ltd
Products:
  • Midgard GPU Kernel Driver
  • Bifrost GPU Kernel Driver
  • Valhall GPU Kernel Driver
  • Arm 5th Gen GPU Architecture Kernel Driver
CVE Published: 4 March 2024


What is CVE-2023-6241?

CVE-2023-6241 is a vulnerability found in the GPU kernel drivers produced by Arm Ltd, specifically affecting the Midgard, Bifrost, Valhall GPU Kernel Drivers, and the 5th Gen GPU Architecture Kernel Driver. These drivers are essential for managing graphic processing tasks in devices leveraging Arm technology. The vulnerability arises from a use-after-free error due to improper memory handling, allowing a non-privileged local user, under specific conditions, to manipulate system memory in a harmful manner. Such exploitation could lead to unauthorized access or the destabilization of system processes, ultimately compromising the integrity and security of the organizational systems that rely on these products.

Technical Details

The vulnerability is categorized as a use-after-free condition, which occurs when a program continues to use a memory reference after the memory it points to has been released. This type of bug can lead to unpredictable behavior, including application crashes and potential arbitrary code execution. In the case of CVE-2023-6241, a local user can exploit this flaw if they manage to prepare the system memory properly, leading to race conditions that could manipulate memory processing operations. The impacted driver versions include:

  • Midgard GPU Kernel Driver: from r13p0 through r32p0
  • Bifrost GPU Kernel Driver: from r11p0 through r25p0
  • Valhall GPU Kernel Driver: from r19p0 through r25p0 and from r29p0 through r46p0
  • Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0
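
The ranges above can be checked mechanically during inventory triage. The following is an added example, not code from Arm or from this page; it assumes driver releases are supplied as `rNpM` strings, and the family keys, function names and sample inventory are constructed for illustration.

```python
import re

# Affected ranges copied from the list above, read literally and inclusive at both ends.
# The family keys are labels chosen for this example.
AFFECTED = {
    "midgard": [("r13p0", "r32p0")],
    "bifrost": [("r11p0", "r25p0")],
    "valhall": [("r19p0", "r25p0"), ("r29p0", "r46p0")],
    "5th-gen": [("r41p0", "r46p0")],
}
VERSION_RE = re.compile(r"^r(\d+)p(\d+)$", re.IGNORECASE)

def parse_release(version):
    """Turn 'r41p0' into (41, 0) so releases compare numerically, not as text."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"not an rNpM driver release: {version!r}")
    return int(m.group(1)), int(m.group(2))

def is_affected(family, version):
    """True if the release falls inside a listed range for that driver family."""
    ranges = AFFECTED.get(family.lower())
    if ranges is None:
        raise KeyError(f"unknown driver family: {family!r}")
    rel = parse_release(version)
    return any(parse_release(lo) <= rel <= parse_release(hi) for lo, hi in ranges)

def triage(inventory):
    """Split (host, family, version) rows into affected, clear and needs-review."""
    report = {"affected": [], "clear": [], "review": []}
    for host, family, version in inventory:
        try:
            key = "affected" if is_affected(family, version) else "clear"
        except (ValueError, KeyError):
            key = "review"  # unknown family or malformed version: check by hand
        report[key].append(host)
    return report

# Constructed inventory rows, not real devices.
SAMPLE = [
    ("tablet-01", "Valhall", "r27p0"),  # falls in the gap between the two Valhall ranges
    ("phone-07", "Valhall", "r44p1"),
    ("kiosk-03", "Bifrost", "r25p0"),   # upper bound is inclusive
    ("board-12", "Midgard", "r9p0"),    # a string comparison would misplace this one
    ("phone-09", "5th-gen", "unknown"),
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Rows that land in `review` have an unrecognised family or an unparseable release string and should be resolved manually rather than treated as clear.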

Impact of the Vulnerability

  1. Unauthorized Access and Escalation of Privileges: The vulnerability allows for the potential escalation of privileges by enabling local users to gain unauthorized access to system resources or sensitive information.

  2. System Instability and Crashes: Exploitation of the use-after-free condition can lead to application crashes or system instability, which can disrupt normal operations and affect productivity in an organization.

  3. Data Integrity Risks: If an attacker successfully manipulates memory, it could lead to data corruption or loss, jeopardizing the integrity of critical organizational data and affecting overall trust in the system's reliability.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r41p0

Bifrost GPU Kernel Driver r11p0

Midgard GPU Kernel Driver r13p0

News Articles

March 19, 2024 In this post I'll use CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported last November to gain arbitrary kernel code execution...

CVSS V3.1

Score: 7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability started trending
  • First article discovered by Buttondown
  • Vulnerability published
  • Vulnerability Reserved

Credit

Man Yue Mo of GitHub Security Lab