Jiayi Hu (Zhejiang University), Qi Tang (Jilin University), Xingkai Wang (Zhejiang University), Jinmeng Zhou (Zhejiang University), Rui Chang (Zhejiang University), Wenbo Shen (Zhejiang University)

Graphics Processing Units (GPUs) have become essential components in modern computing, driving high-performance rendering and parallel processing. Among them, Arm’s Mali GPU is the most widely deployed in mobile devices. In contrast to the mature and robust defenses on the CPU side, the GPU remains poorly protected. Consequently, GPUs have become a preferred target for attackers seeking to bypass CPU defenses. Notable incidents, such as Operation Triangulation, have demonstrated how GPU-side vulnerabilities can be exploited to compromise system security. Despite the rising threat, a comprehensive and in-depth security analysis of the Mali GPU is still missing.

To address this gap, we conduct the first in-depth security analysis of Mali GPU’s memory mapping mechanism and uncover two new security weaknesses: allocation–mapping decoupling and missing physical address validation. Exploiting these weaknesses, we introduce PhantomMap, a novel GPU-assisted exploitation technique that transforms limited heap vulnerabilities into powerful physical memory read/write primitives—bypassing mainstream kernel defenses without requiring privileged capabilities or information leaks. To assess its security impact, we develop a static analyzer that systematically identifies all vulnerable mapping paths, uncovering 15 exploit chains across two Mali driver architectures. We further demonstrate PhantomMap’s practicality by developing 15 end-to-end exploits based on real-world CVEs, including the first public exploit for CVE-2025-21836. Finally, we design and implement a lightweight in-driver mitigation that eliminates the root cause with minimal performance overhead on Pixel 6 and Pixel 7 devices.
