Imagination GPU Driver Vulnerabilities Allow Remote Kernel Access

EXECUTIVE SUMMARY:

Imagination Technologies has released critical updates addressing multiple vulnerabilities in its GPU driver software, impacting DDK versions up to 24.2 RTM2 and, in one case, 24.3 RTM. These vulnerabilities, including CVE-2024-52938, CVE-2024-52937, CVE-2024-52936, CVE-2024-52935, CVE-2024-47895, CVE-2024-47894, CVE-2024-47897, CVE-2024-46973, CVE-2024-43703, CVE-2024-43702, and CVE-2024-43705, involve risks such as out-of-bounds reads and writes, use-after-free kernel exceptions, and unauthorized GPU memory access, potentially leading to platform instability or exploitation. The updates include fixes to secure GPU memory management, prevent improper system calls, and address kernel error handling. Users are urged to apply the latest patches to mitigate these risks.[emaillocker id="1283"]

• CVE-2024-52938 –This vulnerability arises due to improper GPU commands that allow data to be written outside the Guest VM’s virtualized GPU memory. This could lead to corruption or instability, with a CVSS score of 8.3 (High).
• CVE-2024-52937 –A memory exploitation vulnerability that enables writing data outside the virtual GPU memory, potentially leading to system crashes or unauthorized access. It carries a CVSS score of 7.8 (High).
• CVE-2024-52936 -This issue occurs when improper GPU kernel calls trigger out-of-bounds read and write operations, allowing attackers to corrupt data or cause unpredictable behavior. It has a CVSS score of 7.8 (High).
• CVE-2024-52935 –Shared memory between GPU firmware and other components can be exploited to perform out-of-bounds writes, which could lead to security breaches or system malfunction. The CVSS score is 7.5 (High).
• CVE-2024-47895 –An attacker can exploit an unchecked block count to read data outside the Guest VM’s memory, potentially exposing sensitive information or causing system instability. This vulnerability has a CVSS score of 6.5 (Medium).
• CVE-2024-47894 –Improper GPU commands allow out-of-bounds reads caused by unchecked loop bounds, which may result in unauthorized data access or crashes. It has a CVSS score of 6.5 (Medium).
• CVE-2024-47897 –This vulnerability allows non-privileged users to trigger improper GPU system calls that cause platform instability, potentially leading to system reboots. The CVSS score for this vulnerability is 7.1 (High).
• CVE-2024-46973 –Improper reference count management leads to use-after-free kernel exceptions, which attackers could exploit to escalate privileges or execute arbitrary code. The CVSS score is 8.4 (High).
• CVE-2024-43703 – Exploiting duplicate calls to system functions could cause unauthorized reads or writes to physical memory, leading to potential system compromise. This vulnerability has a CVSS score of 7.6 (High).
• CVE-2024-43702 –Non-privileged users can write to arbitrary kernel memory pages, potentially enabling unauthorized actions or code execution within the kernel. The CVSS score for this is 8.0 (High).
• CVE-2024-43705 –This vulnerability allows attackers to exploit the GPU kernel driver and overwrite read-only system files (e.g., libc.so), potentially compromising critical system components. It has a CVSS score of 8.2 (High).

The vulnerabilities in Imagination Technologies' GPU driver software present severe risks, allowing potential unauthorized access and system instability.

RECOMMENDATION:

• We strongly recommend you refer below link for applying the patch.

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

REFERENCES:

The following reports contain further technical details: 
https://cybersecuritynews.com/imagination-gpu-driver-vulnerabilities-in-imagination-let-attackers-gain-kernel-access-remotely/