CVE-2024-6790 in Bifrost GPU Kernel Driver

Summary

by MITRE • 02/03/2025

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive. This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.

Analysis

by VulDB Data Team • 12/18/2025

This vulnerability represents a critical infinite loop condition in Arm Ltd's GPU kernel drivers that affects multiple generations of their graphics processing architectures. The flaw exists within the Bifrost, Valhall, and 5th generation GPU kernel drivers, creating a scenario where a non-privileged user process can trigger a system-wide hang through legitimate GPU memory operations. The vulnerability specifically manifests when processing operations are performed via WebGL or WebGPU interfaces, which are commonly used in web browsers and graphics-intensive applications. This issue has been identified across several driver versions, including r44p1 and ranges from r46p0 through r51p0 for all affected architectures, making it a widespread concern affecting numerous devices that rely on Arm's GPU implementations.

The technical root cause of this vulnerability lies in the improper handling of loop conditions within the kernel driver code, specifically within the memory processing operations that handle GPU tasks. When a user process submits valid GPU memory operations through WebGL or WebGPU, the kernel driver enters into an infinite loop due to unreachable exit conditions in its processing logic. This occurs because the loop termination criteria are either never met or become unreachable due to specific parameter combinations or state conditions that can be manipulated by the user process. The flaw demonstrates poor defensive programming practices where proper loop bounds checking and exit condition validation have been omitted or incorrectly implemented, allowing malicious or malformed input to cause indefinite execution cycles that consume system resources and ultimately lead to complete system unresponsiveness.

The operational impact of this vulnerability extends far beyond simple performance degradation, as it creates a complete system hang condition that can render devices unusable until manual intervention occurs. This affects not only desktop and mobile devices but also embedded systems and servers that depend on Arm GPUs for graphics processing, potentially causing denial of service conditions that impact user productivity and system availability. The vulnerability is particularly concerning because it requires no elevated privileges to exploit, meaning any user with access to the system can potentially trigger the condition. This makes it a significant risk for environments where multiple users share systems, web browsers, or applications that utilize GPU acceleration, as a single compromised tab or process could bring down an entire system.

From a cybersecurity perspective, this vulnerability aligns with CWE-835, which specifically addresses infinite loops with unreachable exit conditions, and represents a classic example of a denial of service attack vector that can be leveraged to cause system instability. The ATT&CK framework categorizes this under privilege escalation and denial of service techniques, as it allows unprivileged users to cause system-wide failures that can be difficult to diagnose and recover from. The vulnerability's exploitation pathway through WebGL and WebGPU interfaces makes it particularly dangerous in web environments where users may inadvertently visit malicious sites or where web applications might contain flawed GPU processing code. The affected driver versions span multiple releases, indicating this is not a recent issue but rather a persistent flaw that has affected several generations of Arm GPU implementations.

Mitigation strategies should focus on immediate driver updates from Arm Ltd to address the specific infinite loop conditions in the kernel drivers, as well as implementing process isolation and resource limiting measures to prevent single processes from consuming excessive GPU resources. System administrators should monitor for unusual GPU memory processing patterns that might indicate exploitation attempts, and consider implementing security policies that restrict WebGL/WebGPU usage in high-security environments. Additionally, organizations should establish incident response procedures for handling system hangs caused by this vulnerability, including automated recovery mechanisms and regular system health monitoring to detect early signs of the problematic loop conditions before they escalate to complete system unresponsiveness.
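To prioritise the driver updates described above, the affected release ranges from the summary can be turned into an inventory check. The following is an added example, not code from Arm or VulDB; the host names, the sample inventory and the optional build suffix on release strings are assumptions made for illustration.

```python
import re

# Affected releases exactly as listed in the CVE summary (inclusive bounds).
# The same list applies to the Bifrost, Valhall and Arm 5th Gen drivers.
AFFECTED_RANGES = [
    ((44, 1), (44, 1)),  # r44p1
    ((46, 0), (49, 0)),  # r46p0 through r49p0
    ((50, 0), (51, 0)),  # r50p0 through r51p0
]

# Assumption: release strings look like "r49p0", optionally followed by a
# build suffix such as "-01eac0", which is ignored for the comparison.
_RELEASE_RE = re.compile(r"^r(\d+)p(\d+)(?:-[0-9A-Za-z]+)?$")


def parse_release(text):
    """Return (major, patch) for a release string, or raise ValueError."""
    match = _RELEASE_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised driver release: {text!r}")
    return int(match.group(1)), int(match.group(2))


def is_affected(release):
    """True if the release falls inside a range listed for CVE-2024-6790."""
    version = parse_release(release)
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def triage(inventory):
    """Split {host: release} into affected / not_listed / unknown hosts."""
    result = {"affected": [], "not_listed": [], "unknown": []}
    for host, release in sorted(inventory.items()):
        try:
            bucket = "affected" if is_affected(release) else "not_listed"
        except ValueError:
            bucket = "unknown"  # review by hand rather than assume safe
        result[bucket].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and releases).
SAMPLE_INVENTORY = {
    "kiosk-01": "r44p1",
    "kiosk-02": "r44p0",
    "tablet-07": "r48p0-01eac0",
    "tablet-08": "r45p0",
    "signage-03": "r51p0",
    "signage-04": "r52p0",
    "legacy-09": "unknown",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

The `not_listed` bucket only means the release is outside the ranges quoted in the summary; confirm the fix status of those releases against Arm's own advisory.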

Responsible

Arm

Reservation

07/16/2024

Disclosure

02/03/2025

Moderation

accepted

CPE

ready

EPSS

0.00142

KEV

no

Activities

very low
