What is the severity of CVE-2024-1065?

CVE-2024-1065 has been classified as a high-severity vulnerability due to its potential impact on memory security.

How do I fix CVE-2024-1065?

To remediate CVE-2024-1065, ensure that you apply the latest security patches provided by Android for the affected GPU drivers.

What systems are affected by CVE-2024-1065?

CVE-2024-1065 affects devices running the Android operating system utilizing Arm Ltd's Bifrost and Valhall GPU Kernel Drivers.

What type of vulnerability is CVE-2024-1065?

CVE-2024-1065 is a Use After Free vulnerability that allows unauthorized access to freed memory.

Can CVE-2024-1065 be exploited remotely?

CVE-2024-1065 requires local access, as it allows a non-privileged user to exploit the vulnerability on the device.

Vulnerability/
CVE-2024-1065

medium

5.9

CWE

416

19/4/2024

27/3/2025

CVE-2024-1065: Mali GPU Kernel Driver allows improper GPU memory processing operations

First published: Fri Apr 19 2024(Updated: )

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r45p0 through r48p0; Valhall GPU Kernel Driver: from r45p0 through r48p0; Arm 5th Gen GPU Architecture Kernel Driver: from r45p0 through r48p0.

Credit: arm-security@arm.com

Affected Software	Affected Version	How to fix
Android
Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver	>=r45p0<r49p0
Arm Bifrost GPU Kernel Driver	>=r45p0<r49p0
Arm Ltd Valhall GPU Kernel Driver	>=r45p0<r49p0

Remedy

This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p0. Users are recommended to upgrade if they are impacted by this issue.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-1065?
CVE-2024-1065 has been classified as a high-severity vulnerability due to its potential impact on memory security.
How do I fix CVE-2024-1065?
To remediate CVE-2024-1065, ensure that you apply the latest security patches provided by Android for the affected GPU drivers.
What systems are affected by CVE-2024-1065?
CVE-2024-1065 affects devices running the Android operating system utilizing Arm Ltd's Bifrost and Valhall GPU Kernel Drivers.
What type of vulnerability is CVE-2024-1065?
CVE-2024-1065 is a Use After Free vulnerability that allows unauthorized access to freed memory.
Can CVE-2024-1065 be exploited remotely?
CVE-2024-1065 requires local access, as it allows a non-privileged user to exploit the vulnerability on the device.

agent/weakness
agent/title
agent/remedy
agent/first-publish-date
agent/type
agent/description
agent/author
agent/severity
agent/references
collector/mitre-cve
source/MITRE
agent/source
agent/last-modified-date
agent/event
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/softwarecombine
agent/tags
collector/android-source
source/Android
vendor/arm
canonical/arm ltd arm 5th gen gpu architecture kernel driver
version/arm ltd arm 5th gen gpu architecture kernel driver/r45p0
canonical/arm bifrost gpu kernel driver
version/arm bifrost gpu kernel driver/r45p0
canonical/arm ltd valhall gpu kernel driver
version/arm ltd valhall gpu kernel driver/r45p0
vendor/google
canonical/android

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.