Article Details

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation. Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions - "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," Arm said in a Monday advisory. "There is evidence that this vulnerability may be under limited, targeted exploitation." The issue, credited to Maddie Stone of Google's Threat Analysis Group (TAG) and Jann Horn of Google Project Zero, has been addressed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0. Google, in its own monthly Android Security Bulletin for October 2023, said it found indications of targeted exploitation of CVE-2023-4211 and CVE-2023-4863, a severe flaw impacting the WebP image format in the Chrome web browser that was patched last month. Exact specifics surrounding the nature of the attacks are still unclear, but indications are that they may have been weaponized as part of a spyware campaign targeting high-risk individuals. Also resolved by Arm are two other flaws in the Mali GPU Kernel Driver that allow for improper GPU memory processing operations - This is not the first time flaws in Arm Mali GPU Kernel Driver have come under active exploitation. Earlier this year, Google TAG disclosed that CVE-2023-26083 was abused in conjunction with a series of four other flaws by a spyware vendor to penetrate Samsung devices.