Back to KEVs

CVE-2024-4610

Mali GPU Kernel Driver allows improper GPU memory processing operations

Basic Information

CVE State
PUBLISHED
Reserved Date
May 07, 2024
Published Date
June 07, 2024
Last Updated
August 01, 2024
Vendor
Arm Ltd
Product
Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver
Description
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2024-06-12 00:00:00 UTC) Source

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Known Exploited Vulnerability Information

Source Added Date
CISA 2024-06-12 00:00:00 UTC