CISA updated its Known Exploited Vulnerabilities list today, adding an Arm GPU flaw that affects most Android devices!
This privilege escalation bug can let anyone gain root privileges and steal sensitive data stored on the device. Google patched it in this month’s security update, so it’s recommended to apply the patch as soon as possible. Though the CISA order is directed at federal agencies, companies of all kinds are advised to follow it.
Security Bug in Android GPUs
CISA is one of the few federal agencies that track cybersecurity developments to keep its sister agencies and the nation safe. In this pursuit, the agency maintains a list of Known Exploited Vulnerabilities (KEV), which records bugs that are actively exploited in the wild and urges the other agencies to take precautions.
Federal agencies in the US should follow the KEV suggestions, since it’s a Binding Operational Directive. As per the latest developments, CISA updated the KEV list to add a high-severity Arm Mali GPU kernel driver privilege escalation flaw, tracked as CVE-2021-29256.
The agency notes the flaw is a use-after-free weakness that can be exploited to gain root privileges on the target device by allowing improper operations on GPU memory. This eventually allows the threat actor to access any sensitive information stored on the vulnerable Android device and steal it.
A patch for this bug is available in July’s security update released by Google, and it is highly recommended to apply it. Since the flaw is high-risk, ignoring this directive will only put your data at risk. CISA has given federal agencies until July 28th to patch, and said:
“These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.”