CVE-2024-4610
HIGH KEVArm Bifrost and Valhall GPU Kernel Driver r34p0-r40p0 - Use-After-Free
Title source: llmExploitation Summary
CVE-2024-4610 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 12, 2024.
Description
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.
References (2)
Core 2
Core References
Vendor Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4610
Scores
CVSS v3
7.8
EPSS
0.0076
EPSS Percentile
73.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
total
Details
CISA KEV
2024-06-12
VulnCheck KEV
2024-06-07
InTheWild.io
2024-06-07
ENISA EUVD
EUVD-2024-44219
CWE
CWE-416
Status
published
Products (2)
arm/bifrost_gpu_kernel_driver
r34p0 - r41p0
arm/valhall_gpu_kernel_driver
r34p0 - r41p0
Published
Jun 07, 2024
KEV Added
Jun 12, 2024
Tracked Since
Feb 18, 2026