CVE-2024-0671

MEDIUM

Arm Ltd GPU Drivers - Use After Free

Title source: llm

Description

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Midgard GPU Kernel Driver: from r19p0 through r32p0; Bifrost GPU Kernel Driver: from r7p0 through r48p0; Valhall GPU Kernel Driver: from r19p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r48p0.

References (1)

[Vendor Advisory] https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Scores

CVSS v3 6.8

EPSS 0.0012

EPSS Percentile 31.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Classification

CWE

CWE-416

Status published

Affected Products (4)

arm/5th_gen_gpu_architecture_kernel_driver < r49p0

arm/bifrost_gpu_kernel_driver < r49p0

arm/midgard_gpu_kernel_driver < r32p0

arm/valhall_gpu_kernel_driver < r49p0

Timeline

Published Apr 19, 2024

Tracked Since Feb 18, 2026