Use After Free Vulnerability Affects Arm Ltd Bifrost GPU Kernel Driver
CVE-2024-4610

7.8 HIGH

Key Information:

Vendor
Arm Ltd
Status
Bifrost GPU Kernel Driver
Valhall GPU Kernel Driver
CVE Published:
7 June 2024

Badges

👾 Exploit Exists
🟣 EPSS 15%
🦅 CISA Reported
📰 News Worthy

Summary

The vulnerability in Arm Ltd's Bifrost and Valhall GPU Kernel Drivers is classified as a Use After Free issue, which permits local non-privileged users to execute improper memory operations. This flaw can lead to unauthorized access to memory that has already been freed, posing risks to the integrity and confidentiality of system operations. Affected versions include Bifrost GPU Kernel Driver from r34p0 to r40p0 and Valhall GPU Kernel Driver from r34p0 to r40p0. Users and administrators are encouraged to address this vulnerability to protect their systems from potential exploitation. For more information and updates, refer to the Arm Security Center.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Bifrost GPU Kernel Driver r34p0

Valhall GPU Kernel Driver r34p0

News Articles

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0.

EPSS Score

15% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🦅 CISA Reported
  • 👾 Exploit known to exist
  • 📰 First article discovered by The Hacker News
  • Vulnerability published
  • Vulnerability Reserved
