CVE-2023-4211
Published: 01 October 2023
Summary
CVE-2023-4211 is a medium-severity Use After Free (CWE-416) vulnerability in the Arm 5th Gen GPU Architecture Kernel Driver. Its CVSS base score is 5.5 (Medium).
Operationally, it ranks in the top 49.5% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-16 (Memory Protection).
Deeper analysis
A use-after-free vulnerability tracked as CVE-2023-4211 affects the Arm Mali GPU driver. The flaw stems from improper GPU memory processing operations that allow a local non-privileged user to access memory that has already been freed, corresponding to CWE-416 and carrying a CVSS 3.1 score of 5.5 with high confidentiality impact.
A local attacker with low privileges can trigger the condition through crafted GPU operations to read sensitive data from freed memory regions. No user interaction or elevated rights are required. The attack is limited to the local system but enables direct information disclosure.
Arm has published driver updates addressing the Mali GPU vulnerabilities on its security advisory page. The issue also appears in CISA's catalog of known exploited vulnerabilities, confirming real-world exploitation activity.
EPSS for the CVE rose sharply from a low baseline to a peak of 0.2126 on 2023-10-05 before receding to its current value of 0.0020, indicating a temporary surge in exploitation interest following disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-54085
Vulnerability details
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
- CWE(s): CWE-416
- KEV Date Added: 03 October 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly implements memory protection safeguards that block use-after-free access to already-freed GPU memory regions.
Enforces authorization checks on all GPU memory operations so a non-privileged user cannot reach freed regions.
Maintains separate execution domains that limit a local process's ability to perform improper GPU memory operations across freed allocations.