Tracked as CVE-2024-4610, the bug is described as a use-after-free issue that could be exploited by local users to make improper GPU memory processing operations.

Successful exploitation of the flaw allows a non-privileged attacker to access previously freed memory, Arm explains in an advisory.

“Arm is aware of reports of this vulnerability being exploited in the wild,” the company notes.

Use-after-free vulnerabilities typically occur when a program continues to access a memory location even after deallocating it, which allows attackers to leak data or tamper with it, causing the program to crash or achieving arbitrary code execution.