Cyber Resilience

CVE-2024-4610

HighCISA KEVActive ExploitationEUVD Exploited

Published: 07 June 2024

Published
07 June 2024
Modified
23 October 2025
KEV Added
12 June 2024
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0076 73.8th percentile
Risk Priority 36 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-4610 is a high-severity Use After Free (CWE-416) vulnerability in Arm Bifrost Gpu Kernel Driver. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 26.2% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2024-4610 is a use-after-free vulnerability (CWE-416) in the Arm Bifrost and Valhall GPU kernel drivers, present in versions r34p0 through r40p0. The flaw stems from improper handling of GPU memory operations that can reference memory after it has been freed, affecting systems that include these Mali GPU drivers on Linux-based platforms.

A local non-privileged user can trigger the issue through crafted GPU memory processing calls, achieving arbitrary access to already-freed kernel memory. Successful exploitation yields high impact across confidentiality, integrity, and availability, consistent with the CVSS 7.8 vector that requires only local access and low attack complexity.

Arm has published driver updates addressing the vulnerability on its security advisory page. The flaw also appears in CISA’s catalog of known exploited vulnerabilities, confirming in-the-wild use. EPSS scores rose sharply from a low baseline to a peak of 0.2126 on 2024-06-13 before receding, indicating a clear post-disclosure surge in exploitation interest that warrants renewed attention.

EU & UK References

Vulnerability details

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU…

more

Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

CWE(s)
KEV Date Added
12 June 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

arm
bifrost gpu kernel driver
r34p0 — r41p0
arm
valhall gpu kernel driver
r34p0 — r41p0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly implements memory protection mechanisms that block use-after-free access to already-freed GPU memory regions by unprivileged processes.

prevent

Enforces access control checks on GPU kernel memory operations so a local non-privileged user cannot read or write freed memory.

prevent

Provides process isolation between user-space and the Bifrost/Valhall GPU kernel driver, limiting the blast radius of improper memory operations.

References