Today, CISA issued an order requiring government organisations to fix a high-severity privilege escalation vulnerability in the Arm Mali GPU kernel driver that was included to its list of actively exploited flaws and fixed with this month’s Android security upgrades. A use-after-free bug that enables incorrect operations on GPU RAM could allow attackers to escalate to root privileges or obtain access to confidential data on affected Android devices.
A use-after-free bug that enables incorrect operations on GPU RAM could allow attackers to escalate to root privileges or obtain access to confidential data on affected Android devices. On its list of actively exploited vulnerabilities, CISA today ordered federal agencies to fix a high-severity Arm Mali GPU kernel driver privilege escalation issue.