ARM Holdings has issued a warning regarding a vulnerability in its widely used GPU Mali drivers. The company was alerted to the vulnerability by researchers from Google Threat Analysis Group (TAG) and Project Zero. Although details of the vulnerability have not been disclosed, it has been identified as CVE-2023-4211, which involves incorrect access to released memory, potentially allowing for the compromise or manipulation of sensitive data. ARM explains that a local user without privileges can exploit this vulnerability by performing irregular memory processing operations to gain access to already released memory.
ARM has found evidence that the vulnerability can be the subject of limited, targeted attacks. The affected versions of the drivers include the GPU Midgard nucleus driver (all versions from R12P0 to R32P0), the GPU Bifrost nucleus driver (all versions from R0P0 to R42P0), the GPU Valhall nucleus driver (all versions from R19P0 to R42P0), and the 5th generation GPU ARM architecture driver (all versions from R41P0 to R42P0).
The affected GPU series, including Midgard, Bifrost, and Valhall, were introduced in 2013, 2016, and 2019, respectively, making them relevant to older device models. Some popular devices using the Valhall (Mali-G77) architecture include Samsung Galaxy S20/S20 Fe, Xiaomi Redmi K30/K40, Motorola Edge 40, and OnePlus Nord 2.
ARM’s 5th generation GPU architecture, which includes the MALI-G720 and MALI-G620 chips, was launched in May 2023 and is aimed at high-performance premium devices.
ARM has announced that the vulnerability has been patched for the Bifrost, Valhall, and 5th generation GPU architecture with the release of the R43P0 nucleus driver on March 24, 2023. However, since Midgard is no longer supported, it is unlikely to receive a fix for CVE-2023-4211.
In addition to CVE-2023-4211, ARM has also revealed two other vulnerabilities. CVE-2023-33200 and CVE-2023-34970 allow an unauthorized user to exploit a race condition to perform incorrect operations on the graphics processor and gain access to released memory. These vulnerabilities affect the Bifrost, Valhall, and 5th generation ARM architecture drivers up to version R44P0. ARM recommends updating to versions R44P1 and