CVE-2024-4610
published 2024-06-07

CVE-2024-4610: Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU…

Priority: P181, high
CVSS 3.1: 7.8 (AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H)
KEV: CISA Known Exploited Vulnerability, due 2024-07-03
ITW: Exploited in the wild
EPSS: 0.76% (50.6th percentile)

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

Affected

7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | bifrost_gpu_kernel_driver | >= r34p0 < r41p0 | r41p0 |
| arm | valhall_gpu_kernel_driver | >= r34p0 < r41p0 | r41p0 |
| arm_ltd | bifrost_gpu_kernel_driver | r34p0 – r40p0 | |
| arm_ltd | valhall_gpu_kernel_driver | r34p0 – r40p0 | |
| google | android | | |
| linux | linux_kernel | >= 0 < 6.1.85-1 | 6.1.85-1 |
| linux | linux_kernel | >= 0 < 6.7.12-1 | 6.7.12-1 |

Detection & IOCs (extracted from sources)

  • Vulnerability is a Use-After-Free in Arm Bifrost and Valhall GPU Kernel Drivers; exploitable by a local non-privileged user via improper GPU memory processing operations to access already freed memory.
  • CVE-2024-4610 is listed in CISA KEV (Known Exploited Vulnerabilities), indicating active in-the-wild exploitation; prioritize patching on Android/Mali GPU devices.
  • Affected component is the Mali GPU Kernel Driver (Android); Android Security Bulletin July 2024 tracks this under component 'Mali' with reference A-260126994.
  • Affected driver versions are Bifrost GPU Kernel Driver r34p0 through r40p0 and Valhall GPU Kernel Driver r34p0 through r40p0; versions outside this range are not affected.
  • Red Hat Enterprise Linux kernel packages (versions 6–10, including kernel-rt) are confirmed not affected, as the Mali GPU driver is not present in mainline RHEL kernels.

CVSS provenance

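| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| vulncheck | | 7.8 | HIGH | |
| cisa | | 7.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |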