Date: 2023-10-03

Arm has patched a new security flaw in its Mali GPU kernel drivers that allowed a local non-privileged user to carry out improper GPU memory processing operations.

The vulnerability, dubbed CVE-2023-4211, does not yet have a CVSS score but was reported to be under active exploitation in the wild.

“A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory,” Arm said in an October 2 advisory. “There is evidence that this vulnerability may be under limited, targeted exploitation.”

The advisory also announced patches for two other vulnerabilities in the same driver family that allow similar exploitation.

Bug allows access to freed-up memory

Although much about the nature of the attacks isn’t clear, Arm said the vulnerability allows hackers to exploit system memory that is no longer in use. Getting access to such memory is the most common mechanism for loading malicious code.

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition, according to the advisory. If a system’s memory is carefully prepared by that user, it could give them access to already freed memory.

Arm has credited the discovery of the active exploitation to Maddie Stone of Google’s Threat Analysis Group and Jann Horn of Google Project Zero.

Google Pixel devices and Chromebooks, which are most affected by the vulnerability, were both patched separately by Google in September.

Patches now available for most affected versions

Arm’s Mali line of GPUs runs on a host of devices including mobile devices, smart TVs, automotive infotainment systems, wearable devices, embedded systems, IoT devices, development boards, and gaming consoles. The GPUs run a range of kernel driver versions across all these devices.

The vulnerability affects four different drivers: Midgard GPU Kernel Driver (versions r12p0 to r32p0), Bifrost GPU Kernel Driver (versions r0p0 to r42p0), Valhall GPU Kernel Driver (versions r19p0 to r42p0), and Arm 5th Gen GPU Architecture Kernel Driver (versions r41p0 to r42p0).

Patches are available now for three of the four affected drivers. “This issue is fixed in Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Driver r43p0,” Arm said. “Users are recommended to upgrade if they are impacted by this issue.” Arm also advised that support for Midgard GPUs is available on contact. The two other patches announced in the advisory are for CVE-2023-33200 and CVE-2023-34970, both of which allow similar exploitation in the Valhall and Arm 5th Gen versions of the GPU.
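
For teams checking a device inventory against the ranges above, the following is an added example (not code from Arm or from this article) that parses rXpY driver versions numerically, since plain string comparison would sort r9p0 after r42p0. The family keys, status labels and sample rows are hypothetical, and treating later patch levels of the last affected release (for example r42p1) as affected is a conservative assumption.

```python
import re

# Affected ranges for CVE-2023-4211 as listed in the article.
# fixed_in is None where the article names no fixed release (Midgard).
AFFECTED = {
    "midgard": ("r12p0", "r32p0", None),
    "bifrost": ("r0p0", "r42p0", "r43p0"),
    "valhall": ("r19p0", "r42p0", "r43p0"),
    "5thgen": ("r41p0", "r42p0", "r43p0"),  # hypothetical key for Arm 5th Gen
}
_VERSION_RE = re.compile(r"r(\d+)p(\d+)", re.IGNORECASE)

def parse_version(text):
    """Turn 'r38p1' into (38, 1) so releases compare numerically."""
    match = _VERSION_RE.fullmatch(text.strip())
    if match is None:
        raise ValueError(f"not an rXpY driver version: {text!r}")
    return int(match.group(1)), int(match.group(2))

def assess(family, version):
    """Return 'affected', 'affected-no-fix-listed' or 'not-affected'."""
    key = family.strip().lower()
    if key not in AFFECTED:
        raise ValueError(f"unknown driver family: {family!r}")
    low, high, fixed_in = AFFECTED[key]
    current = parse_version(version)
    # Assumption: any patch level of the last affected release counts as affected.
    in_range = parse_version(low) <= current and current[0] <= parse_version(high)[0]
    if not in_range:
        return "not-affected"
    return "affected" if fixed_in else "affected-no-fix-listed"

def triage(inventory):
    """Map each (device, family, version) row to its assessment."""
    results = {}
    for device, family, version in inventory:
        try:
            results[device] = assess(family, version)
        except ValueError as err:
            # Unparseable rows are flagged for a human, never silently passed.
            results[device] = f"needs-review: {err}"
    return results

# Constructed inventory rows, not taken from real devices.
SAMPLE_INVENTORY = [
    ("tablet-a", "Valhall", "r38p1"),
    ("tv-b", "Midgard", "r26p0"),
    ("board-c", "Bifrost", "r43p0"),
    ("kiosk-d", "Bifrost", "unknown"),
]
print(triage(SAMPLE_INVENTORY))
```

Rows reported as affected-no-fix-listed correspond to Midgard, for which the article names no fixed release.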