(7th May 2025)
Last updated: 2 May 2025 (official)
Preface: An ioctl interface is a single system call by which userspace may communicate with device drivers. Requests on a device driver are vectored with respect to this ioctl system call, typically by a handle to the device and a request number.
Background: The Arm Mali GPU, when installed on an Android phone, works alongside the CPU rather than replacing it. The Mali GPU is specifically designed for handling graphics processing tasks, such as rendering images, animations, and videos, which helps to offload these tasks from the CPU. This allows the CPU to focus on other computational tasks, improving overall device performance and efficiency.
The Mali GPU itself does not have an embedded CPU; it is a separate component that works in conjunction with the device’s main CPU. This collaboration between the GPU and CPU ensures that graphics-intensive applications, like games and videos, run smoothly while maintaining efficient power usage.
Vulnerability details: Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU processing operations to gain access to already freed memory.
Impact: This issue affects Bifrost GPU Kernel Driver: from r8p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r19p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.
Official announcement: Please see the link for details –