Security News > 2023 > October > Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability in the kernel drivers for several Mali GPUs "May be under limited, targeted exploitation," British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches.
Arm's Mali GPUs are used on a variety devices, most prominently on Android phones by Google, Samsung, Huawei, Nokia, Xiaomi, Oppo, and other manufacturers.
CVE-2023-4211 stems from improper GPU memory processing and allows a local non-privileged to gain access to already freed memory.
"This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs," Arm advised.
Two zero-day vulnerabilities in Mali GPU kernel drivers have been previously spotted being exploited to deliver spyware by commercial spyware vendor Variston.
Arm has also delivered fixed for two additional vulnerabilies affecting some of those same drivers, both of which could also give attackers access to already freed memory.
News URL
https://www.helpnetsecurity.com/2023/10/03/cve-2023-4211/
Related news
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |