#VU74210 Memory leak in ARM products


| Updated: 2023-04-04

Vulnerability identifier: #VU74210

Vulnerability risk: High

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-26083

CWE-ID: CWE-401

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Midgard GPU Kernel Driver
Hardware solutions / Drivers
ARM Avalon GPU Kernel Driver
Hardware solutions / Drivers
Bifrost GPU Kernel Driver
Hardware solutions / Drivers
Valhall GPU Kernel Driver
Hardware solutions / Drivers

Vendor: ARM

Description
The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due memory leak. A local application can force the driver to leak memory and gain access to sensitive information.

Note, this vulnerability is being actively exploited in the wild.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Midgard GPU Kernel Driver: All versions

ARM Avalon GPU Kernel Driver: r41p0 - r42p0

External links
http://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/
http://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities#CVE-2023-26083

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Google Android
Multiple vulnerabilities in Google ChromeOS LTS
Information disclosure in ARM Mali GPU kernel drivers