Threat Intelligence / CVE / CVE-2024-4610

CVE-2024-4610

CISA KEV

CVSS 7.8 (HIGH) · EPSS 0.6% · Published 2024-06-07

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

CVSS v3 vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416

Threats tracking this CVE

Predator Spyware iOS SpringBoard Hook — Intellexa Recording Indicator Bypass via Kernel-Level Sensor Interception — HIGH

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4610

Full detection coverage & IOCs for threats exploiting CVE-2024-4610 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence