CVE-2023-26085

7.8 HIGH

📋 TL;DR

CVE-2023-26085 is an out-of-bounds read/write vulnerability in Arm NN Android-NN-Driver due to improper shared memory length validation. This allows attackers to potentially read sensitive data or execute arbitrary code in the context of the neural network driver. Affected systems include Android devices using Arm NN Android-NN-Driver versions before 23.02.
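The general shape of a shared-memory length check, shown as an added example that is not Arm NN code and does not reproduce the actual defect: the `region_t` descriptor, the function names and the 32-bit field widths are all assumptions made for illustration. It contrasts a bounds check that can be defeated by integer wraparound with one that cannot.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical descriptor a client passes to a driver: a region inside a
 * shared memory pool. Names are illustrative, not taken from Arm NN. */
typedef struct {
    uint32_t offset;  /* start of the region within the pool */
    uint32_t length;  /* size of the region in bytes */
} region_t;

/* Weak check: the 32-bit sum wraps, so offset=0xFFFFFFF0, length=0x20
 * yields 0x10 and passes even though the region is far out of bounds. */
int region_ok_weak(const region_t *r, uint32_t pool_size)
{
    return r->offset + r->length <= pool_size;
}

/* Hardened check: compare without arithmetic that can overflow. */
int region_ok(const region_t *r, uint32_t pool_size)
{
    if (r->offset > pool_size)
        return 0;
    return r->length <= pool_size - r->offset;
}

/* Copy a validated region out of the pool. Returns 0 on success, -1 if
 * the region or destination size is rejected; dst is untouched on failure. */
int read_region(const uint8_t *pool, uint32_t pool_size,
                const region_t *r, uint8_t *dst, size_t dst_size)
{
    if (!pool || !r || !dst)
        return -1;
    if (!region_ok(r, pool_size) || r->length > dst_size)
        return -1;
    memcpy(dst, pool + r->offset, r->length);
    return 0;
}
```

The same validation has to be applied on every path that maps or copies client-supplied regions, and against the size of the mapping the driver itself obtained rather than a size the client reports.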

💻 Affected Systems

Products:
  • Arm NN Android-NN-Driver
Versions: All versions before 23.02
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Android devices using Arm's neural network driver for machine learning acceleration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise via arbitrary code execution in kernel or driver context, potentially leading to complete device takeover and data exfiltration.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated permissions, access sensitive neural network data, or cause system instability.

🟢 If Mitigated

Limited impact with proper sandboxing and memory protection mechanisms in place, potentially reduced to denial of service.

🌐 Internet-Facing: LOW - This is primarily a local vulnerability requiring local access to the device.
🏢 Internal Only: MEDIUM - Could be exploited by malicious apps or users with local access to vulnerable devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of memory layout. No public exploits have been reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 23.02

Vendor Advisory: https://developer.arm.com/Arm%20Security%20Center

Restart Required: Yes

Instructions:

1. Update to Arm NN Android-NN-Driver version 23.02 or later.
2. Apply Android security updates from device manufacturer.
3. Reboot device after update.

🔧 Temporary Workarounds

Disable neural network acceleration (Android)

Temporarily disable Arm NN driver functionality to prevent exploitation:

adb shell setprop debug.nn.vlog 0
adb shell stop nndriver
adb shell rmmod arm_nn_driver

🧯 If You Can't Patch

  • Implement strict app sandboxing and permission controls to limit access to neural network APIs
  • Deploy endpoint detection and response (EDR) solutions to monitor for suspicious memory access patterns

🔍 How to Verify

Check if Vulnerable:

Check Android device for Arm NN driver version using: adb shell dumpsys package | grep -i arm.nn

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify driver version is 23.02 or later using: adb shell getprop | grep nn.driver.version

📡 Detection & Monitoring

Log Indicators:

  • Unusual memory access patterns in kernel logs
  • SIGSEGV or SIGBUS signals from neural network processes
  • Unexpected driver crashes or restarts

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="android_kernel" AND ("segmentation fault" OR "out of bounds" OR "arm_nn")
