June 11, 2024NewsroomMobile Security / Technology

Arm Mali GPU Drivers

Arm is warning of a security vulnerability affecting the Mali GPU kernel driver that it says has been actively exploited in the wild.

Tracked as CVE-2024-4610the Issue free after use Affects the following products

“A local unprivileged user can perform an invalid GPU memory processing operation to access previously freed memory,” the company said. said In an advisory last week.

Cyber ​​security

The vulnerability is addressed in Bifrost and Valhall GPU Kernel Driver r41p0. It is worth noting that this version was released on November 24, 2022. The current version of the drivers is r49p0, which was shipped in April 2024.

The Hacker News has reached out to Arm to clarify whether this was an old security flaw that is now being assigned a new CVE identifier or if it’s a newly discovered one, and if we’ll hear the story again. Will update.

The British semiconductor company acknowledged reports of exploiting the flaw in real-world attacks, but did not reveal any additional details to prevent further abuse.

That said, zero-day flaws were previously disclosed in Arm Mali GPUs. CVE-2022-22706, CVE-2022-38181 And CVE-2023-4211 – Weaponized by commercial spyware vendors for highly targeted attacks aimed at Android devices, an exploit from an Italian company called Cy4Gate.

Users of affected products are recommended to update to the appropriate version to protect against potential vulnerabilities.

Did you find this article interesting? Follow us. Twitter And LinkedIn To read more exclusive content we post.

Source link