ARM Mali GPU vulnerability active exploitation - 20240611003¶
Overview¶
ARM has notified of the active exploitation of a vulnerability which allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This vulnerability impacts all versions of Bifrost and Valhall drivers from r34p0 through r40p0.
What is vulnerable?¶
| CVE | Severity | CVSS | Product(s) Affected | Dated |
|---|---|---|---|---|
| CVE-2024-4610 | TBD at time of writing | TBD | Bifrost and Valhall from r34p0 through r40p0 | 07/06/2024 |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
However, there is current known exploitation in the wild.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):