{"id":164430,"date":"2024-06-11T12:50:50","date_gmt":"2024-06-11T12:50:50","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=164430"},"modified":"2024-06-11T12:52:09","modified_gmt":"2024-06-11T12:52:09","slug":"arm-zero-day-actively-exploited","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/164430\/hacking\/arm-zero-day-actively-exploited.html","title":{"rendered":"Arm zero-day in Mali GPU Drivers actively exploited in the wild"},"content":{"rendered":"
<\/div>\n

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver.<\/h2>\n\n\n\n

Arm is warning of an actively exploited zero-day vulnerability, tracked as CVE-2024-4610, in Mali GPU Kernel Driver.<\/gwmw><\/gwmw><\/p>\n\n\n\n

The vulnerability is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver<\/a> (all versions from r34p0 to r40p0) and Valhall GPU Kernel Driver<\/a> (all versions from r34p0 to r40p0).<\/p>\n\n\n\n

“A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.” reads the advisory<\/a> published by the company. “Arm is aware of reports of this vulnerability being exploited in the wild. Users are recommended to upgrade if they are impacted by this issue”<\/p>\n\n\n\n

Bifrost and Valhall GPU Kernel Driver r41p0, which were released on November 24, 2022, address the vulnerability.<\/p>\n\n\n\n

A local non-privileged attacker can prepare the system’s memory to issue improper GPU memory processing operations to gain access to already freed memory.<\/p>\n\n\n\n

The company recommends users upgrade if this issue impacts them.<\/gwmw><\/gwmw><\/p>\n\n\n\n

Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n

Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n

(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking,\u00a0Mali GPU Kernel Driver<\/a>)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, tracked as CVE-2024-4610, in Mali GPU Kernel Driver. The vulnerability is a use-after-free issue issue that impacts Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) and Valhall GPU Kernel […]<\/p>\n","protected":false},"author":1,"featured_media":164433,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,5,55],"tags":[1324,2895,4112,9508,9506,10918,841,1533],"class_list":["post-164430","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-hacking","category-security","tag-android-firefox-zero-day","tag-arm","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司