Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

Vulnerability

A software race condition exists in the Arm Mali GPU driver (local non-privileged user can make improper GPU processing operations) that, if the system’s memory is carefully prepared by the user, could give them access to already freed memory. The vulnerability affects versions of the Mali GPU driver listed in the Arm Security Center advisory [1].

Exploitation

An attacker must have local, non-privileged access to the system and be able to craft GPU processing operations that trigger the race condition. By carefully preparing the system’s memory layout, the user can exploit the timing window to cause the driver to access memory that has already been freed, leading to use-after-free conditions [1].

Impact

Successful exploitation allows the attacker to read or write freed memory, which may contain sensitive kernel data or other processes’ information. This can lead to information disclosure, privilege escalation, or potentially arbitrary code execution in the kernel context, depending on the memory contents and how the freed memory is reused [1].

Mitigation

Arm has released driver updates to address this issue. The fixed versions are available in the Arm Security Center advisory [1]. Users should apply the latest GPU driver updates from their device vendor or system integrator. No workaround is provided other than updating the driver.