CVE-2024-4610 – Arm Mali GPU Zero-Day Under Active Exploitation: Millions of Devices at Risk
In a warning issued today, chip design giant Arm has disclosed a critical zero-day vulnerability (CVE-2024-4610) actively being exploited in the wild. The flaw affects the widely used Mali GPU drivers, potentially exposing millions of devices to malicious attacks.
Arm describes the security issue as one involving improper GPU memory processing operations. Specifically, a local non-privileged user can exploit the flaw to gain access to already freed memory, which makes this a use-after-free condition. This type of access can lead to severe consequences, including unauthorized data access and system manipulation. The affected driver versions are:
- Bifrost GPU Kernel Driver: All versions from r34p0 to r40p0
- Valhall GPU Kernel Driver: All versions from r34p0 to r40p0
CVE-2024-4610 has been addressed in the latest driver update, r41p0, for both Bifrost and Valhall GPU Kernel Drivers.
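To triage a device inventory against the version range above, the following added example (not code from Arm or from this article) parses Arm's rNpM release strings and classifies each driver. The inventory layout, the status labels and the tolerated build suffix are assumptions; releases that fall between r40p0 and r41p0 are flagged for manual review because the article does not cover them.

```python
import re

# Range from the article: r34p0 through r40p0 affected, fixed in r41p0.
AFFECTED_FIRST, AFFECTED_LAST, FIXED_FROM = (34, 0), (40, 0), (41, 0)
FAMILIES = {"bifrost", "valhall"}
# Assumption: inventory strings may carry a build suffix ("r38p1-01eac0").
_RELEASE = re.compile(r"^r(\d+)p(\d+)(?:[-_].*)?$", re.IGNORECASE)

def parse_release(text):
    """Return (major, patch) for an rNpM string, or None if malformed."""
    m = _RELEASE.match(text.strip())
    return (int(m.group(1)), int(m.group(2))) if m else None

def classify(family, release):
    """Triage status of one driver for CVE-2024-4610."""
    if family.strip().lower() not in FAMILIES:
        return "family-not-listed"
    version = parse_release(release)
    if version is None:
        return "unparsed"
    if version >= FIXED_FROM:
        return "fixed"
    if version < AFFECTED_FIRST:
        return "below-listed-range"
    if version <= AFFECTED_LAST:
        return "affected"
    # Above r40p0 but below r41p0 (e.g. r40p1): the article is silent.
    return "review"

def triage(rows):
    """Group (host, family, release) rows into {status: [hosts]}."""
    report = {}
    for host, family, release in rows:
        report.setdefault(classify(family, release), []).append(host)
    return report

# Constructed sample inventory; hostnames and versions are made up.
SAMPLE = [
    ("tablet-01", "Valhall", "r38p1-01eac0"),
    ("phone-02", "Bifrost", "r41p0"),
    ("kiosk-03", "Bifrost", "r32p0"),
    ("phone-04", "Valhall", "r40p1"),
    ("tv-05", "Midgard", "r36p0"),
    ("phone-06", "Valhall", "v1.2"),
]

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE).items()):
        print(f"{status:20} {', '.join(hosts)}")
```

Devices reported as `affected` need the vendor's r41p0-based update; `review` and `unparsed` entries need a manual check against the vendor's own bulletin.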
Arm has confirmed reports of the vulnerability being exploited in real-world scenarios. The active exploitation highlights the urgency for users and organizations to apply the necessary patches. Given the nature of the vulnerability, attackers with local access can execute improper GPU memory operations, potentially leading to data breaches or system compromise.
Mali GPUs are ubiquitous in the mobile world, powering a wide range of smartphones, tablets, and other devices. While Arm hasn’t specified which devices are most vulnerable, it’s safe to assume that a vast number of users are at risk until patches are widely available.
While the fix is available in the r41p0 driver update, the deployment of patches depends on the efficiency of device makers and vendors in integrating and distributing the updates. Organizations must stay vigilant and ensure timely updates to mitigate the risks associated with this vulnerability.