CVE-2024-4610

CVE-2024-4610: Mali GPU Kernel Driver allows improper GPU memory processing operations

Vendor Arm Ltd
Product Bifrost GPU Kernel Driver
Weakness CWE-416
KEV Status Known Exploited
Published June 7, 2024
Last update October 21, 2025

CVSS base score

What the vulnerability does

01Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0.

CISA mandated remediation

02CISA Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Key dates

03Disclosure timeline

June 7, 2024 CVE published
October 21, 2025 Record updated