CVE-2024-1067 in Bifrost GPU Kernel Driver

Summary

by MITRE • 05/03/2024

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the Linux Kernel and Mali GPU kernel driver configurations that would allow the GPU operations to affect the userspace memory of other processes. This issue affects Bifrost GPU Kernel Driver: from r41p0 through r47p0; Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.


Analysis

by VulDB Data Team • 05/03/2024

This vulnerability represents a critical use-after-free condition in Arm's GPU kernel drivers that affects multiple generations of Arm Mali graphics processors. The flaw exists within the Bifrost, Valhall, and 5th generation GPU architectures, specifically impacting kernel drivers from version r41p0 through r47p0. The vulnerability stems from improper memory management during GPU operations where freed memory regions are accessed after being deallocated, creating potential for arbitrary code execution or information disclosure. This issue is particularly concerning because it operates at the kernel level and affects GPU memory processing operations that can influence userspace memory of other processes.

The technical exploitation of this vulnerability occurs through improper handling of GPU memory operations on Armv8.0 cores where specific combinations of Linux kernel versions and Mali GPU driver configurations create memory access inconsistencies. When a local non-privileged user executes malicious GPU operations, the kernel driver fails to properly validate memory states before accessing previously freed memory regions. This memory corruption can lead to information disclosure, privilege escalation, or system instability. The vulnerability is classified under CWE-416 as use-after-free, which represents a well-known class of memory safety issues that have historically led to significant security compromises in kernel-level components.

The operational impact of this vulnerability extends beyond simple memory corruption, as it enables cross-process memory manipulation that can compromise system integrity. Attackers can leverage this flaw to access memory spaces belonging to other processes, potentially extracting sensitive information or manipulating process states. This capability undermines the fundamental security boundaries between processes and can lead to privilege escalation scenarios where unprivileged users gain elevated system access. The affected driver versions span multiple GPU generations, indicating a widespread impact across Arm's Mali GPU ecosystem and affecting a significant portion of mobile and embedded devices running Linux-based operating systems.

Mitigation strategies should focus on immediate driver updates from Arm to address the specific memory management flaws in the affected kernel driver versions. System administrators should prioritize patching all affected devices running Bifrost, Valhall, or 5th generation Mali GPU architectures with versions r41p0 through r47p0. Additionally, implementing kernel lockdown mechanisms and restricting GPU access permissions can help minimize the attack surface. Organizations should also consider monitoring for unusual GPU memory operations and establishing process isolation measures to limit potential damage from exploitation attempts. The vulnerability aligns with ATT&CK technique T1068 (Exploitation for Privilege Escalation), which covers local privilege escalation through kernel exploits, making it particularly relevant for security teams implementing defensive measures against kernel-level attacks.
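To support the patch prioritization described above, the following added example (not code from Arm, MITRE or VulDB) triages a device inventory against the affected range r41p0 through r47p0. The family labels, hostnames and build suffixes are assumptions made for the example.

```python
import re

# Affected range as stated in the advisory: r41p0 through r47p0, inclusive.
AFFECTED_MIN, AFFECTED_MAX = (41, 0), (47, 0)
# Family labels are an assumed inventory convention, not Arm identifiers.
AFFECTED_FAMILIES = {"bifrost", "valhall", "5th-gen"}

# r<major>p<minor>, possibly embedded in a longer build string.
_RELEASE = re.compile(r"(?<![A-Za-z0-9])r(\d+)p(\d+)(?!\d)", re.IGNORECASE)


def parse_release(text):
    """Return (major, minor) from a driver release string, or None."""
    match = _RELEASE.search(text or "")
    return (int(match.group(1)), int(match.group(2))) if match else None


def classify(family, version_text):
    """Classify one device against the CVE-2024-1067 affected range."""
    if family.strip().lower() not in AFFECTED_FAMILIES:
        return "not-applicable"
    release = parse_release(version_text)
    if release is None:
        return "unknown"  # unparseable version: needs manual review
    if AFFECTED_MIN <= release <= AFFECTED_MAX:
        return "affected"
    return "outside-range"


def triage(inventory):
    """Map each host to its status; inventory rows are (host, family, version)."""
    return {host: classify(family, version) for host, family, version in inventory}


# Constructed sample inventory (hostnames and build suffixes are made up).
SAMPLE_INVENTORY = [
    ("kiosk-01", "Valhall", "r44p1-01eac0"),
    ("tablet-07", "Bifrost", "R41P0"),
    ("panel-12", "5th-gen", "r47p0"),
    ("gateway-03", "Valhall", "r40p0"),
    ("handheld-22", "Bifrost", "r48p0-01eac0"),
    ("legacy-02", "Midgard", "r32p0"),
    ("sensor-09", "Valhall", "unknown build"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Devices reported as "unknown" should be checked by hand rather than assumed safe, since the version string could not be parsed.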

Reservation: 01/30/2024

Disclosure: 05/03/2024

Moderation: accepted

CPE: ready

EPSS: 0.00158

KEV: no

Activities: very low
