PT-2024-16446 · Arm · Arm Bifrost Gpu Kernel Driver+3
Published
2024-05-03
·
Updated
2025-03-28
·
CVE-2024-1067
CVSS v3.1
7.4
High
| Vector | AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Arm Ltd Bifrost GPU Kernel Driver versions r41p0 through r47p0
Arm Ltd Valhall GPU Kernel Driver versions r41p0 through r47p0
Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver versions r41p0 through r47p0
Description
The issue allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, certain combinations of the Linux Kernel and Mali GPU kernel driver configurations can allow GPU operations to affect the userspace memory of other processes.
Recommendations
For Arm Ltd Bifrost GPU Kernel Driver versions r41p0 through r47p0, update to a version outside of this range to mitigate the risk.
For Arm Ltd Valhall GPU Kernel Driver versions r41p0 through r47p0, update to a version outside of this range to mitigate the risk.
For Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver versions r41p0 through r47p0, update to a version outside of this range to mitigate the risk.
As a temporary workaround, consider restricting access to the GPU kernel driver configurations to minimize the risk of exploitation.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arm 5Th Gen Gpu Architecture Kernel Driver
Arm Bifrost Gpu Kernel Driver
Arm Valhall Gpu Kernel Driver
Arm Mali Gpu Kernel Driver