CVE-2024-6790
📋 TL;DR
This vulnerability allows a non-privileged user to trigger an infinite loop in Arm GPU kernel drivers through GPU memory operations, potentially via WebGL or WebGPU. This can cause complete system unresponsiveness. Affected systems include devices using specific versions of Arm Bifrost, Valhall, and 5th Gen GPU architecture drivers.
💻 Affected Systems
- Arm Ltd Bifrost GPU Kernel Driver
- Arm Ltd Valhall GPU Kernel Driver
- Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver
📦 What is this software?
5th Gen Gpu Architecture Kernel Driver by Arm
View all CVEs affecting 5th Gen Gpu Architecture Kernel Driver →
5th Gen Gpu Architecture Kernel Driver by Arm
View all CVEs affecting 5th Gen Gpu Architecture Kernel Driver →
⚠️ Risk & Real-World Impact
Worst Case
Complete system freeze requiring hard reboot, potentially causing data loss and service disruption.
Likely Case
System becomes unresponsive requiring manual intervention, disrupting user sessions and applications.
If Mitigated
Limited impact if proper access controls prevent non-privileged users from executing GPU operations.
🎯 Exploit Status
Exploitation requires non-privileged user access but is relatively straightforward once access is obtained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions after r51p0 (check specific driver updates)
Vendor Advisory: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Restart Required: Yes
Instructions:
1. Check current GPU driver version. 2. Update to patched driver version from Arm or device manufacturer. 3. Reboot system to load new driver.
🔧 Temporary Workarounds
Restrict GPU access
allLimit non-privileged user access to GPU operations and WebGL/WebGPU APIs
Disable vulnerable GPU features
allDisable WebGL and WebGPU in browsers if not required
🧯 If You Can't Patch
- Implement strict access controls to prevent non-privileged users from executing GPU operations
- Monitor systems for unresponsiveness and implement rapid response procedures
🔍 How to Verify
Check if Vulnerable:
Check GPU driver version against affected versions list. On Android/Linux: check /sys/class/misc/mali0/device/driver/version or similar GPU driver paths.Check Version:
cat /sys/class/misc/mali0/device/driver/version 2>/dev/null || echo 'Check device-specific GPU driver location'Verify Fix Applied:
Verify GPU driver version is updated beyond affected ranges (after r51p0).📡 Detection & Monitoring
Log Indicators:
- System freeze events
- GPU driver crash logs
- Kernel panic messages related to GPU
Network Indicators:
- Unusual WebGL/WebGPU API calls if monitored
SIEM Query:
Search for: 'GPU driver crash' OR 'system unresponsive' OR 'kernel panic' AND 'mali' OR 'arm_gpu'