Use After Free in Arm 5th_gen_gpu_architecture_kernel_driver
CVE-2024-0671
Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper…
Vulnerability class: Use-After-Free
EPSS: 0.002 (12.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.8 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N.
Affected products
- Arm 5th_gen_gpu_architecture_kernel_driver
- Arm Bifrost_gpu_kernel_driver
- Arm Midgard_gpu_kernel_driver
- Arm Valhall_gpu_kernel_driver
- Arm Ltd 5th Gen Gpu Architecture Kernel Driver — versions r41p0
- Arm Ltd Bifrost Gpu Kernel Driver — versions r7p0
- Arm Ltd Midgard Gpu Kernel Driver — versions r19p0
- Arm Ltd Valhall Gpu Kernel Driver — versions r19p0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- arm-security@arm.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2024-0671?
- CVE-2024-0671 is a medium-severity vulnerability in Arm 5th_gen_gpu_architecture_kernel_driver, classified under Use After Free. CVSS score: 6.8/10. Published 2024-04-19.
- How severe is CVE-2024-0671?
- Medium severity. CVSS v3 base score is 6.8 out of 10.
- Is CVE-2024-0671 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.