Use After Free Vulnerability in Arm Ltd Valhall GPU Kernel Driver
CVE-2023-6363

Currently unrated

Key Information:

Vendor: Arm Ltd
Status: 5th Gen Gpu Architecture Kernel Driver; Valhall Gpu Kernel Driver
Vendor: CVE Published:; 3 May 2024

What is CVE-2023-6363?

A use after free vulnerability has been identified in the Valhall GPU Kernel Driver by Arm Ltd, where a local non-privileged user could exploit improper GPU memory processing operations. By carefully preparing the system’s memory, an attacker could gain unauthorized access to previously freed memory blocks. This situation poses a security risk for systems utilizing the affected GPU drivers, specifically versions ranging from r41p0 to r47p0 in both the Valhall and Arm 5th Gen architectures.

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 3, 2024