GPU Driver Vulnerabilities in Imagination Let Attackers Gain Kernel Access Remotely


Jan 13, 2025 - 12:27

Imagination Technologies, a leader in GPU innovation, has issued updates to address a series of critical vulnerabilities identified in its GPU driver software.

Imagination Technologies is a global leader in developing GPUs, AI solutions, and semiconductor IP, powering applications across mobile, automotive, and consumer electronics. This year, the company celebrates the 30th anniversary of its PowerVR architecture, highlighting its legacy of cutting-edge innovation.

These vulnerabilities, reported under several CVE references, pose potential risks involving out-of-bounds (OOB) memory writes, kernel exceptions, and unauthorized GPU memory access.

The company detailed the security issues in its January 2025 disclosure, outlining vulnerabilities across various Driver Development Kit (DDK) releases, up to and including version 24.2 RTM2.

The vulnerabilities, if exploited, could allow non-privileged users to access, alter, or corrupt GPU memory, resulting in platform instability or security breaches.


Key Vulnerabilities Identified

Cyber Security News learned that Imagination Technologies released a patch update on 10th Jan with fixes for all the critical vulnerabilities listed below.

| Vulnerability | CVE Reference | Versions Affected | Description |
|---|---|---|---|
| rgxfw_pm_add_freelist_for_reconstruction OOB write | CVE-2024-52938 | DDK Releases up to and including 24.2 RTM2 | Improper GPU commands allow writing data outside the Guest VM’s virtualized GPU memory. |
| rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore | CVE-2024-52937 | DDK Releases up to and including 24.2 RTM2 | Memory exploitation enables writing data outside virtual GPU memory. |
| rgxfw_hwperf_config OOB read & write | CVE-2024-52936 | DDK Releases up to and including 24.2 RTM2 | Improper GPU kernel calls trigger out-of-bounds read and write operations. |
| psContext->eDM gives OOB write | CVE-2024-52935 | DDK Releases up to and including 24.2 RTM2 | Shared memory with GPU firmware can be exploited for out-of-bounds writes. |
| OOB read into fwlog due to unchecked block count | CVE-2024-47895 | DDK Releases up to and including 24.2 RTM2 | Unchecked block count allows reading data outside Guest VM’s memory. |
| Out of bounds read into fwlog due to unchecked loop bounds | CVE-2024-47894 | DDK Releases up to and including 24.2 RTM2 | Improper GPU commands enable out-of-bounds reads with unchecked loop bounds. |
| PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write | CVE-2024-47897 | DDK Releases up to and including 24.2 RTM2 | Non-privileged users can trigger improper GPU system calls, leading to platform instability and reboots. |
| Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement | CVE-2024-46973 | DDK Releases up to and including 24.3 RTM | Improper GPU calls trigger use-after-free kernel exceptions. |
| Duplicate calls to RGXCreateFreeList on the same reservation lead to GPU UAF | CVE-2024-43703 | DDK Releases up to and including 24.2 RTM2 | Unprivileged users exploit system calls to cause unauthorized reads/writes to physical memory. |
| MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages | CVE-2024-43702 | DDK Releases up to and including 24.2 RTM | System calls allow non-privileged users to write to arbitrary kernel memory pages. |
| Exploitable PVRSRVBridgePhysmemWrapExtMem may lead to overwriting read-only files/memory (e.g., libc.so) | CVE-2024-43705 | DDK Releases up to and including 24.2 RTM2 | Exploits GPU kernel driver to overwrite arbitrary read-only system files mapped into user memory. |
| PVRSRV_BRIDGE_SYNCTRACKING_SYNCRECORDAD allows adding new records while SyncRecordList is not initialized | None | DDK Releases up to and including 24.2 RTM2 | Null kernel exception can be triggered due to uninitialized SyncRecordList. |
| Kernel Information Leak via /proc/pvr/gpu00/debug_dump | None | DDK Releases up to and including 24.2 RTM2 | Unprivileged users can obtain kernel information through debug dumps. |

Imagination Technologies has released firmware and driver updates that introduce protections against these vulnerabilities. The critical updates include mechanisms to:

  • Prevent improper user-mode parameters from being submitted to GPU system calls.
  • Ensure secure management of GPU memory allocation and deallocation.
  • Address use-after-free scenarios and correct improper error handling.

Imagination has urged all users to update their systems to the latest DDK release to mitigate these risks. Users are advised to contact their Imagination Technologies support representative for additional guidance.


The post GPU Driver Vulnerabilities in Imagination Let Attackers Gain Kernel Access Remotely appeared first on Cyber Security News.