Use After Free Vulnerability in Arm Ltd GPU Kernel Drivers
CVE-2024-1067

Currently unrated

Key Information:

Vendor: Arm Ltd
Status: Mali GPU Kernel Driver
Vendor: CVE Published:; 3 May 2024

Summary

A use after free vulnerability exists in Arm Ltd's GPU Kernel Drivers, including the Bifrost, Valhall, and 5th Gen GPU architecture. This flaw permits local non-privileged users to manipulate GPU memory improperly, which could lead to unauthorized access to userspace memory of other processes. The issue surfaces under specific configurations of the Linux kernel paired with the Mali GPU kernel driver on Armv8.0 cores. Users of versions r41p0 through r47p0 for these drivers should remain vigilant for potential memory safety risks.

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

Timeline

Vulnerability published
May 3, 2024