Some ARM GPU models have flaws that have not yet been resolved. Be careful! If you have these patterns in your devices — especially smartphones and tablets — they could be easy targets.
ARM is a British company based in Cambridge, specializing in the development and design of microprocessor architectures and related technologies. Founded in 1990, it has become one of the world’s leading companies in the semiconductor industry.
ARM’s main activity is developing the design of microprocessor architectures, called cores, and Grant a license to third parties to use your intellectual property; Third parties are typically semiconductor companies and other organizations that produce embedded devices such as chips for smartphones, tablets, computers, vehicles, smart devices, and more.
In 2020, ARMs were also the subject of a settlement Acquisition by NVIDIAbut the acquisition hung in the balance for a few years only to be canceled by regulators (as happens with the Microsoft-Activision Blizzard acquisition).
It now appears that issues have arisen with some GPU models designed by ARM that may suffer from vulnerabilities that the company has not yet patched.
These GPUs may put your hardware at risk
ARM on Monday reported active attacks targeting a vulnerability in device drivers for its Mali line of GPUs, which run on a variety of devices, including… Google Pixel and other Android phones, Chromebooks, and Linux devices.
“A user without legitimate permissions can perform inappropriate GPU memory manipulations to access memory that is no longer in useARM spokespeople wrote in a statement. “This issue has been resolved on Bifrost, Valhall, and 5th Generation GPUs using the r43p0 Kernel Driver Architecture. There is evidence that this vulnerability can be exploited in a targeted manner. Users are advised to update if they are affected by this issue.”.
But what exactly does it mean that a user can, illegally, access memory that is no longer in use? In practice, accessing system memory that is no longer in use is difficult A common mechanism for uploading malicious code to a site that an attacker can then execute. This code often allows you to exploit other vulnerabilities or install malicious payloads to spy, for example, on the user who owns the smartphone.
The platform most affected by the vulnerability is the Google Pixel line, which is one of the only Android models that receives security updates immediately. In a September update, Google patched the vulnerability in Pixels, classified as CVE-2023-4211. The company has also applied a patch to Chromebooks that use weak GPUs.
What models are at risk?
The flaw, called CVE-2023-4211, is present in a series of GPUs designed by ARM and released in the past 10 years. The affected ARM chipsets are:
- Midgard GPU kernel driver: all versions from r12p0 to r32p0
- GPU Bifrost kernel driver: all versions from r0p0 to r42p0
- Valhall GPU kernel driver: all versions from r19p0 to r42p0
- Arm 5th Generation GPU Architecture Kernel Driver: All versions r41p0 to r42p0
- The devices believed to be using the affected chips are the Google Pixel 7, Samsung S20 and S21, Motorola Edge 40, OnePlus Nord 2, Asus ROG Phone 6, Redmi Note 11 and 12, Honor 70 Pro, RealMe GT, Xiaomi 12 Pro, Oppo Find X5 Pro, Reno 8 Pro and some phones from Mediatek.
Not much is currently known about the vulnerability, other than ARM has attributed the discovery of the active vulnerabilities to it Maddie Stoneresearcher on the team Google Project Zero. Project Zero tracks vulnerabilities in common devices, especially when they are vulnerable to zero-day or n-day attacks, which refers to vulnerabilities for which no patches are available or that have recently been patched.