Tech giant ARM has issued a warning about active exploitations of a security flaw in its Mali GPU lineup, as reported on Tuesday. The vulnerability, labeled as CVE-2023-4211, was discovered by Maddie Stone of Google (NASDAQ:GOOGL)'s Threat Analysis Group and Jann Horn of Google Project Zero. It affects ARM's Midgard, Bifrost, Valhall, and 5th Gen GPU Architecture Kernel Drivers.
The flaw exists within the kernel device drivers for the GPUs and allows local non-privileged users to make "improper GPU memory processing operations" to access previously freed memory. This access can be leveraged by an attacker to load and execute malicious code, exploit other vulnerabilities on the device, or install malicious payloads for user surveillance.
ARM has detected active exploitations of the vulnerability and has already released patches for the latter three drivers with version r43p0. The company urged vendors to contact its support team for patch details for the Midgard GPUs. Despite these measures, ARM found evidence of "limited, targeted exploitation" of this vulnerability. Users with a device featuring the affected Mali GPUs are advised to update their devices promptly to mitigate potential security risks.
Google has proactively pushed the patch for CVE-2023-4211 to Pixel devices with the September security update and has also released it for affected Chromebooks. However, devices beyond Google phones are impacted by this vulnerability. Samsung (KS:005930)'s Galaxy S20 and Galaxy S21 series, Motorola (NYSE:MSI) Edge 40, OnePlus Nord 2, and phones from Asus, Redmi, Honor, RealMe, Xiaomi (OTC:XIACF), and Oppo are also at risk.
Certain MediaTek chips and Linux devices that use the affected Mali GPUs haven't received the patch yet. Users who haven't received a new security update recently are advised to be vigilant and avoid installing apps from unknown sources. According to reports, "The device driver on patched devices will show as version r44p1 or r45p0."
In addition to CVE-2023-4211, ARM's latest security advisory mentions two more vulnerabilities in Mali GPU Kernel Drivers, tracked as CVE-2023-33200 and CVE-2023-34970. While there's no evidence of any exploration of these vulnerabilities yet, the company has already released patches for both security flaws on all affected platforms. Users are encouraged to update their devices to avoid potential future exploits.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.