Security News > 2023 > October > Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability in the kernel drivers for several Mali GPUs "May be under limited, targeted exploitation," British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches.
Arm's Mali GPUs are used on a variety devices, most prominently on Android phones by Google, Samsung, Huawei, Nokia, Xiaomi, Oppo, and other manufacturers.
CVE-2023-4211 stems from improper GPU memory processing and allows a local non-privileged to gain access to already freed memory.
"This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0. Users are recommended to upgrade if they are impacted by this issue. Please contact Arm support for Midgard GPUs," Arm advised.
Two zero-day vulnerabilities in Mali GPU kernel drivers have been previously spotted being exploited to deliver spyware by commercial spyware vendor Variston.
Arm has also delivered fixed for two additional vulnerabilies affecting some of those same drivers, both of which could also give attackers access to already freed memory.
News URL
https://www.helpnetsecurity.com/2023/10/03/cve-2023-4211/
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Palo Alto Networks patches two firewall zero-days used in attacks (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- Fully patched Cleo products under renewed 'zero-day-ish' mass attack (source)
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-01 | CVE-2023-4211 | Use After Free vulnerability in ARM products A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | 5.5 |