CVE-2023-6143 in Midgard GPU Kernel Driverinfo

Summary

by MITRE • 03/04/2024

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user and the system is under heavy load, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r1p0 through r18p0; Valhall GPU Kernel Driver: from r37p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 08/28/2024

The CVE-2023-6143 vulnerability represents a critical use-after-free condition within Arm Ltd's GPU kernel drivers, affecting multiple generations of Arm graphics architectures including Midgard, Bifrost, Valhall, and the 5th generation GPU architecture. This vulnerability resides in the kernel-level GPU drivers that manage hardware acceleration for graphics processing, creating a potential pathway for privilege escalation and system instability. The flaw manifests as a software race condition that occurs during memory management operations within the GPU driver subsystem, where improper synchronization allows for memory deallocation followed by subsequent access attempts.

The technical exploitation of this vulnerability requires a local non-privileged user to carefully prepare system memory conditions and induce heavy system load to trigger the race condition. This use-after-free scenario occurs when the kernel driver releases memory back to the system but fails to properly invalidate references to that memory location, allowing subsequent operations to access freed memory blocks. The vulnerability's impact is particularly concerning because GPU kernel drivers operate with elevated privileges and have direct access to hardware resources, making memory corruption in these components potentially catastrophic for system security and stability. The affected driver versions span multiple releases indicating this is not a recent introduction but rather a persistent flaw across several driver generations.

From an operational perspective, this vulnerability creates significant risks for systems utilizing Arm-based GPUs, particularly in enterprise environments where GPU acceleration is prevalent for graphics rendering, machine learning workloads, and parallel computing tasks. The race condition exploitation requires specific conditions to be met including memory preparation and system load manipulation, but once triggered, the vulnerability can lead to arbitrary code execution, system crashes, or privilege escalation. The vulnerability affects multiple GPU architectures, suggesting a fundamental flaw in the memory management approach across Arm's GPU driver implementations, making it a widespread concern for organizations deploying Arm-based hardware. This type of vulnerability aligns with CWE-416 which specifically addresses Use After Free conditions in software systems.

The exploitation of CVE-2023-6143 fits within the broader ATT&CK framework under the T1068 technique for Exploitation for Privilege Escalation, potentially allowing attackers to elevate privileges from unprivileged users to kernel-level access. The vulnerability's impact extends beyond simple memory corruption as it can lead to complete system compromise, particularly when combined with other exploitation techniques or when the target system has additional vulnerabilities. Organizations running affected GPU drivers face potential denial of service conditions, data corruption, and unauthorized access to system resources, making this vulnerability particularly dangerous in multi-user environments or cloud computing scenarios where GPU resources are shared. The affected version ranges indicate that patching is essential across multiple driver releases, and the vulnerability's presence in both older and newer driver versions suggests that the underlying memory management patterns require fundamental reevaluation and redesign.

Mitigation strategies for this vulnerability include immediate patch deployment from Arm Ltd, which should address the race condition in memory management operations. System administrators should monitor for signs of exploitation attempts and implement additional security controls such as kernel memory protection mechanisms and runtime monitoring of GPU driver behavior. The vulnerability's nature suggests that memory safety improvements in kernel drivers are essential, potentially requiring architectural changes to how GPU memory management is handled. Organizations should also consider implementing process isolation for GPU-accelerated applications and monitoring for unusual memory allocation patterns that might indicate exploitation attempts. Given the low privilege requirement for exploitation, this vulnerability represents a significant concern for any system running affected GPU drivers, regardless of the specific use case or workload requirements.

Reservation

11/14/2023

Disclosure

03/04/2024

Moderation

accepted

CPE

ready

EPSS

0.00185

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!