Strix
26.1K

CVE-2024-6790

MEDIUMCVSS 6.1/10EPSS 0.14%

Last modified

CVE-2024-6790 is a medium-severity vulnerability rated 6.1/10 on the CVSS scale. Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.. EPSS estimates a 0.14% chance of exploitation in the next 30 days.

Description

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.

Metrics

CVSS 3.1
6.1/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS Probability
0.14%

3.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Arm5th Gen Gpu Architecture Kernel Driver>= r46p0, < r49p1
Arm5th Gen Gpu Architecture Kernel Driver>= r50p0, < r52p0
Arm5th Gen Gpu Architecture Kernel Driverr44p1
ArmBifrost Gpu Kernel Driver>= r46p0, < r49p1
ArmBifrost Gpu Kernel Driver>= r50p0, <= r51p0
ArmBifrost Gpu Kernel Driverr44p1
ArmValhall Gpu Kernel Driver>= r46p0, < r49p1
ArmValhall Gpu Kernel Driver>= r50p0, < r52p0
ArmValhall Gpu Kernel Driverr44p1

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2024-6790?
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a non-privileged user process to make valid GPU memory processing operations, including via WebGL or WebGPU, to cause the whole system to become unresponsive.This issue affects Bifrost GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Valhall GPU Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0; Arm 5th Gen GPU Architecture Kernel Driver: r44p1, from r46p0 through r49p0, from r50p0 through r51p0.
How severe is CVE-2024-6790?
CVE-2024-6790 has a CVSS score of 6.1/10 (MEDIUM severity). The EPSS model estimates a 0.14% probability of exploitation in the next 30 days.
How do I fix CVE-2024-6790?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-6790?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST