CVE-2024-1067 – A Use After Free vulnerability in Arm Mali GPU ... (How to Fix)

Q: What is the severity of CVE-2024-1067?

CVE-2024-1067 has a CVSS score of 7.4 (HIGH). A Use After Free vulnerability in Arm Mali GPU kernel drivers allows a local non-privileged user to perform improper GPU memory operations. On Armv8.0 cores with specific Linux Kernel and Mali driver configurations, this could allow GPU operations to affect other processes' userspace memory. This affects Bifrost, Valhall, and Arm 5th Gen GPU drivers from r41p0 through r47p0.

📋 TL;DR

A Use After Free vulnerability in Arm Mali GPU kernel drivers allows a local non-privileged user to perform improper GPU memory operations. On Armv8.0 cores with specific Linux Kernel and Mali driver configurations, this could allow GPU operations to affect other processes' userspace memory. This affects Bifrost, Valhall, and Arm 5th Gen GPU drivers from r41p0 through r47p0.

💻 Affected Systems

Products:

Arm Ltd Bifrost GPU Kernel Driver
Arm Ltd Valhall GPU Kernel Driver
Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver

Versions: r41p0 through r47p0

Operating Systems: Linux (with specific kernel configurations on Armv8.0 cores)

Default Config Vulnerable: ✅ No

Notes: Only vulnerable on Armv8.0 cores with specific combinations of Linux Kernel and Mali GPU kernel driver configurations.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level access, potentially leading to full system compromise, data theft, or denial of service.

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated privileges and access sensitive data from other processes.

🟢

If Mitigated

Limited impact if proper access controls and isolation mechanisms are in place, though memory corruption risks remain.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring local access to exploit.

🏢 Internal Only: HIGH - Any compromised local account could exploit this to escalate privileges and access other processes' memory.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and specific system configurations. Exploitation involves manipulating GPU memory operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after r47p0

Vendor Advisory: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities

Restart Required: Yes

Instructions:

1. Check current Mali GPU driver version. 2. Update to version newer than r47p0 from Arm's official sources. 3. Reboot the system to load the updated driver.

🔧 Temporary Workarounds

Restrict local user access

linux

Limit local user accounts to trusted users only to reduce attack surface.

Disable vulnerable GPU features

linux

If possible, disable or restrict GPU memory operations for non-privileged users.

🧯 If You Can't Patch

Implement strict access controls to limit local user accounts to essential personnel only.
Monitor system logs for unusual GPU memory operations or privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check Mali GPU driver version and system configuration. Vulnerable if driver version is between r41p0 and r47p0 on Armv8.0 cores with specific Linux kernel configurations.

Check Version:

Check /sys/module/mali/version or use modinfo mali | grep version

Verify Fix Applied:

Verify driver version is newer than r47p0 and check system logs for successful driver load after reboot.

📡 Detection & Monitoring

Log Indicators:

Kernel logs showing memory corruption errors
GPU driver crash logs
Unexpected privilege escalation events

Network Indicators:

None - this is a local vulnerability

SIEM Query:

Search for kernel panic logs, driver crash reports, or unexpected privilege changes from local users.

📊 Metadata

CVE ID: CVE-2024-1067

CVSS v3 Score: 7.4 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-416

Published: May 3, 2024

Last Updated: March 28, 2025

🔗 References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-1067, you might also want to check these: