CVE CVE

CVE-2024-4610

CISA Known Exploited Vulnerability (KEV)

Arm Mali GPU Kernel Driver Use-After-Free Vulnerability

June 12, 2024

July 3, 2024

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Weakness Enumeration

CWE-ID CWE Name

CWE-416
Use After Free

Known Affected Software Configurations


cpe:2.3:a:arm:valhall_gpu_kernel_driver:r47p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r48p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r49p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r47p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r48p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r49p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r35p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r45p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r46p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r35p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r45p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r46p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r37p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r44p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r44p1:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r44p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r44p1:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r17p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r43p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r43p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r42p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r42p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r41p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r41p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p1:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p2:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r40p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r38p1:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r38p2:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r40p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r39p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r29p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r38p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r19p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:valhall_gpu_kernel_driver:r34p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r0p0:*:*:*:*:*:*:*

cpe:2.3:a:arm:bifrost_gpu_kernel_driver:r34p0:*:*:*:*:*:*:*

Details

Source:
NVD
Published:
Updated:

Risk information

CVSS v3

Base score:
7.8
Severity:

HIGH

Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2

Not defined