Preface: Mali GPU kernel drivers have a wide range of applications in the IoT and IIoT world. Even the auto industry, gaming, healthcare and artificial intelligence.

Background:The Android and Linux version of the Mali GPUs Device Driver provide low-level access to the Mali GPUs that are part of the Valhall family. Some of these components are being made available under the GPLv2 licence. The company named “ARM”. They provides access to the source packages from which loadable kernel modules can be built.
The Mali GPU kernel device driver handles the following. Access to the Mali GPU hardware, Interrupt handling and Low level memory management.

Example:
Question: In normal circumstances, when program (software driver or software application) called kmalloc and didn’t free that memory before rmmod was called on the module, what happens to that memory? Is it a memory leak and it is completely unusable until restart, or does the kernel free that memory automatically?
Answer: It won’t be freed until explicitly done. Memory allocated with kmalloc() needs to be freed using kfree(). That piece of memory stays till the system is on.

Vulnerability details: An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privileged user can make improper GPU processing operations to gain access to already freed memory.
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
As usual, vendor not disclose the details. Perhaps we can find hints in between two different version of software drivers.
Please refer to attached image for details.

Solution: This issue is fixed in Valhall GPU Kernel Driver r39p0. Users are recommended to upgrade if they are impacted by this issue. Please refer to the link for details – https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
Remark: The patch was release on 17th June 2022. Perhaps the risk is mitigated.

Preface: On 2017, Facebook’s artificial intelligence robots shut down after they start talking to each other in their own language. Maybe no one remembers!

Background: If you are a data scientist. You know the details of the algorithms, which libraries to use, and perform diagnostics. For the machine learning setup, perhaps you will use a opensource software technology. One of the way is creating an ML app using Flask, a commonly used web framework in Python.
Furthermore, you have another choices. Streamlit is a framework that is used by different machine learning engineers and data scientists to build UIs and powerful machine learning apps from a trained model.

1. How to install streamlit?
   pip install streamlit
2. Build the streamlit app

• Create a new Python file named app.py.
• Add our pickled model into a created folder.

3. Import required packages.
4. Unplick the model.
5. Building your prediction logic.
6. You will use material UI for styles and icons for your app
7. Adding an image.

Vulnerability details: Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information.
An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file.

Solution: Vendor strongly recommend users upgrade to v1.11.1 as soon as possible. Please refer to the link for details – https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc

Preface: Uninitialized data segment, often called the “bss” segment, named after an ancient assembler operator that stood for “block started by symbol.” Data in this segment is initialized by the kernel to arithmetic 0 before the program starts executing.

Background: Xen is an open-source baremetal hypervisor that is widely used by commercial and non-commercial platforms to provide virtualization support.

Dom0 is the initial domain started by the Xen hypervisor on boot. Dom0 is an abbrevation of “Domain 0” (sometimes written as “domain zero” or the “host domain”). Dom0 is a privileged domain that starts first and manages the DomU unprivileged domains. The Xen hypervisor is not usable without Dom0.

Vulnerability details: The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. For details, please refer to attached diagram.

Instead of clearing the bss area in assembly code, use the clear_bss()function.This requires to pass the start_info address as parameter to xen_start_kernel() in order to avoid the xen_start_info being zeroed again.

Details released by NIST: Please refer to the link – https://cve.report/CVE-2022-36123