Arm Warns of Exploited Kernel Driver Vulnerability
11-June-24
Tracked as CVE-2024-4610, the bug is described as a use-after-free issue that could be exploited by local users to make improper GPU memory processing operations. Successful exploitation of the flaw allows a non-privileged attacker to access previously freed memory, Arm explains in an advisory. Use-after-free vulnerabilities typically occur when a program continues to access a memory location even after deallocating it, which allows attackers to leak data or tamper with it, causing the program to crash or achieving arbitrary code execution. According to Arm, CVE-2024-4610 impacts the Bifrost and Valhall GPU kernel drivers. The bug was introduced in driver version r34p0 and was addressed with the release of Bifrost and Valhall driver version r41p0
