CVE-2024-0153

7.8 HIGH

📋 TL;DR

This CVE describes a memory buffer overflow vulnerability in Arm's Valhall and 5th Gen GPU firmware that allows a local non-privileged user to perform improper GPU operations to access memory outside buffer bounds. With careful preparation, this could potentially lead to access to all system memory. Affected systems include devices using Arm Mali GPUs with specific firmware versions.

💻 Affected Systems

Products:
  • Arm Valhall GPU Firmware
  • Arm 5th Gen GPU Architecture Firmware
Versions: Valhall: r29p0 through r46p0; 5th Gen: r41p0 through r46p0
Operating Systems: Android, Linux, Other systems using Arm Mali GPUs
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Arm Mali GPUs including smartphones, tablets, IoT devices, and embedded systems

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system memory compromise leading to privilege escalation, data exfiltration, or full system takeover

🟠 Likely Case: Limited memory disclosure or corruption, potentially leading to application crashes or limited data exposure

🟢 If Mitigated: Contained impact within GPU memory space with proper isolation and access controls

🌐 Internet-Facing: LOW - Requires local access to exploit
🏢 Internal Only: HIGH - Local users can exploit this vulnerability to potentially gain elevated privileges

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and careful preparation of GPU operations. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after r46p0

Vendor Advisory: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Restart Required: Yes

Instructions:

1. Check current GPU firmware version.
2. Contact device manufacturer for updated firmware.
3. Apply firmware update.
4. Reboot device.

🔧 Temporary Workarounds

  • Restrict GPU access (all platforms): Limit GPU access to trusted applications only
  • Disable unnecessary GPU features (all platforms): Disable GPU compute features if not required

🧯 If You Can't Patch

  • Implement strict access controls to limit local user privileges
  • Monitor for unusual GPU memory access patterns and system behavior

🔍 How to Verify

Check if Vulnerable:

Check GPU firmware version via device manufacturer tools or system logs

Check Version:

Device-specific commands vary by manufacturer; consult device documentation

Verify Fix Applied:

Verify firmware version is updated beyond the affected ranges (later than r46p0; r46p0 itself is still affected)
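
The range check described above can be scripted once the firmware release string has been collected from each device. The following is an added example, not vendor tooling: the architecture labels `valhall` and `5th-gen`, the function names, and the tolerated build suffix on the release string are assumptions, and the inventory is constructed sample data.

```python
import re

# Affected ranges as stated in this advisory (inclusive on both ends).
AFFECTED = {
    "valhall": ((29, 0), (46, 0)),
    "5th-gen": ((41, 0), (46, 0)),
}

# Assumption: release strings look like "r46p0", optionally followed by a
# build suffix such as "-01eac0"; the suffix is ignored for comparison.
_VERSION_RE = re.compile(r"^r(\d+)p(\d+)(?:[-_.].*)?$")


def parse_release(text):
    """Return (release, patch) as integers, e.g. "r46p0" -> (46, 0)."""
    m = _VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised firmware release string: {text!r}")
    return int(m.group(1)), int(m.group(2))


def is_affected(architecture, release):
    """True if the release is inside the advisory's affected range."""
    if architecture not in AFFECTED:
        raise ValueError(f"unknown architecture: {architecture!r}")
    low, high = AFFECTED[architecture]
    return low <= parse_release(release) <= high


def audit(inventory):
    """Map each (device, architecture, release) row to a verdict string."""
    results = {}
    for device, arch, release in inventory:
        try:
            results[device] = "AFFECTED" if is_affected(arch, release) else "not in range"
        except ValueError as exc:
            results[device] = f"UNKNOWN ({exc})"  # unparsed rows need manual review
    return results


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = [
        ("tablet-01", "valhall", "r28p0"),
        ("phone-07", "valhall", "r46p0"),
        ("kiosk-03", "5th-gen", "r40p0"),
        ("kiosk-04", "5th-gen", "r47p0"),
        ("iot-12", "valhall", "unknown"),
    ]
    for device, verdict in audit(sample).items():
        print(f"{device}: {verdict}")
```

Rows reported as UNKNOWN should be treated as unverified rather than safe, since the release string could not be compared against the range.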

📡 Detection & Monitoring

Log Indicators:

  • Unusual GPU memory access patterns
  • GPU driver crashes
  • Memory access violations

Network Indicators:

  • None - local exploit only

SIEM Query:

Search for GPU driver errors, memory access violations, or unusual process behavior related to GPU operations
