Semiconductor Producer Arm Releases Security Patches
Arm Follows Up After Driver Was Impacted By a Vulnerability
Overt Operator
October 03, 2023
Arm, a leading semiconductor and software design company, has recently released security patches to address a critical security flaw in the Mali GPU Kernel Driver. This vulnerability tracked as CVE-2023-4211, has been actively exploited in the wild and affects various versions of the driver.
The impacted driver versions include the Midgard GPU Kernel Driver (r12p0 - r32p0), Bifrost GPU Kernel Driver (r0p0 - r42p0), Valhall GPU Kernel Driver (r19p0 - r42p0), and Arm 5th Gen GPU Architecture Kernel Driver (r41p0 - r42p0).
Arm has urged users to update their systems to the latest version, specifically r43p0, to mitigate the risk associated with this flaw.
According to Arm, the vulnerability allows a local non-privileged user to perform improper GPU memory processing operations, thereby gaining access to already freed memory. While there is evidence of limited and targeted exploitation of this flaw, the exact nature and extent of the attacks remain unclear.
The discovery of this security flaw can be attributed to the efforts of Maddie Stone from Google's Threat Analysis Group (TAG) and Jann Horn from Google Project Zero. Their contribution to identifying and addressing this vulnerability highlights the importance of collaboration in the cybersecurity community.
In addition to Arm's security patches, Google has also acknowledged its findings in its monthly Android Security Bulletin for October 2023. Google reported indications of targeted exploitation not only of CVE-2023-4211 but also of CVE-2023-4863. The latter is a severe flaw affecting the WebP image format in the Chrome web browser, which was patched last month.
These indications of targeted exploitation suggest that the vulnerabilities may have been weaponized as part of a spyware campaign targeting high-risk individuals. The motive and specific targets of these attacks are yet to be disclosed, but the severity of the flaws and the evidence of exploitation necessitate immediate action.
In addition to CVE-2023-4211, Arm has also addressed two other vulnerabilities in the Mali GPU Kernel Driver. CVE-2023-33200 allows a local non-privileged user to exploit a software race condition through improper GPU processing operations. If the user carefully prepares the system's memory, they can gain access to already freed memory.
Users must update their systems promptly to the latest version of the Mali GPU Kernel Driver to ensure their devices are protected against these vulnerabilities. By staying vigilant and proactive in addressing security flaws, both individuals and organizations can enhance their cybersecurity posture and safeguard sensitive information.