CVE-2023-5643: Mali GPU Kernel Driver allows improper GPU memory processing operations (5th Feb 2024)

Preface: Out-of-bounds writes, a common explanation, are the consequences of writing to memory outside the boundaries of the buffer or to invalid memory when the root cause is not sequential copying of too much data from a fixed starting position. This may include issues such as incorrect pointer arithmetic, access to invalid pointers due to incomplete initialization or memory deallocation.

Background: Arm Mali-G71 is the first high-end GPU to implement the Mali Bifrost architecture. Bifrost enables high-end mobile GPUs to provide additional computing performance. This additional performance is used to solve the increasingly complex problems of modern use cases such as VR and high-fidelity gaming.

Vulnerability details: A local non-privileged user can make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.

Affected products:

Bifrost GPU Kernel Driver: All versions from r41p0 – r45p0

Valhall GPU Kernel Driver: All versions from r41p0 – r45p0

Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 – r45p0

Official details: Please refer to the link for details –

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.