CVE-2024-0153

HIGH

Arm 5th Gen & Valhall GPU Firmware r29p0-r46p0 Memory Corruption via GPU Operations

Title source: llm

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.

References (1)

Core 1

Core References

Vendor Advisory

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Scores

CVSS v3 7.8

EPSS 0.0013

EPSS Percentile 32.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-119

Status published

Products (2)

arm/5th_gen_gpu_architecture_firmware r41p0 - r47p0

arm/valhall_gpu_firmware r29p0 - r47p0

Published Jul 01, 2024

Tracked Since Feb 18, 2026