A vulnerability in ARM Bifrost and Valhall GPU kernel drivers is being exploited in the wild, the company is warning.
The vulnerability is two years old, and was patched in late 2022, but with the recent surge in abuse, ARM is urging its users to apply the patch immediately.
According to a security bulletin released, the vulnerability, tracked as CVE2024-4610, is described as a use-after-free (UAF) and affects Bifrost and Valhall drivers versions r34p0 to r40p0. A use-after-free vulnerability is a type of security flaw that occurs when a program continues to use a pointer to a memory location after it has been freed. In programming, when an object is no longer needed, its memory is typically deallocated (freed) so it can be reused. If the program doesn't properly update or clear pointers to that memory, it might attempt to access or modify it after it has been freed.
Timing the patch
According to BleepingComputer, such a flaw can be used to steal sensitive data from vulnerable devices, or even mount arbitrary code execution attacks.
If you are confused how a two-year-old flaw can have a 2024 label, you’re not the only one. BleepingComputer also reached out to ARM, asking for an explanation, and suggesting the company may have patched the flaw unintentionally, and only discovered it now when hackers started exploiting it.
At press time, ARM has still not made it to Windows PCs in significant volumes, so the vulnerability mostly affects Android devices. With the Android ecosystem being as fragmented as it is, devices from different manufacturers might get patched at different times.
Furthermore, with the vulnerability basically being two years old, there are chances that some devices might not get patched at all. Users are advised to check with their device manufacturers for more details.
More from TechRadar Pro
- Spectre returns - Intel and ARM-based CPUs hit by serious vulnerability
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
