A critical vulnerability, CVE-2025-0072, affects Arm Mali GPU drivers, allowing attacks on devices like Pixel 7, 8, and 9 series by bypassing hardware security features. This flaw enables malicious apps to execute arbitrary kernel code, posing a serious threat to device integrity and security. #CVE-2025-0072 #ArmMaliGPU #PixelSeries
Keypoints
- The vulnerability impacts Mali GPU drivers using the Command Stream Frontend (CSF) architecture.
- It allows attackers to manipulate GPU queue handling to access and control kernel memory.
- The exploit involves use-after-free scenarios through user-space mappings that bypass MTE protections.
- Successful exploitation can grant root access and disable security features like SELinux.
- Patch updates released in May 2025 are essential for protecting affected Pixel devices.
Read More: https://gbhackers.com/arm-mali-gpu-vulnerability-enables-bypass-of-mte/