PT-2025-15222 · Arm · Arm 5Th Gen Gpu Architecture Userspace Driver+2
Published
2025-04-07
·
Updated
2025-12-18
·
CVE-2025-0050
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Arm Ltd Bifrost GPU Userspace Driver versions r0p0 through r51p0
Arm Ltd Valhall GPU Userspace Driver versions r19p0 through r53p0
Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver versions r41p0 through r53p0
Description
The issue is related to an Improper Restriction of Operations within the Bounds of a Memory Buffer, allowing a non-privileged user process to make valid GPU processing operations and access a limited amount outside of buffer bounds. This can be done via WebGL or WebGPU.
Recommendations
For Arm Ltd Bifrost GPU Userspace Driver versions r0p0 through r51p0, update to a version outside of the affected range to resolve the issue.
For Arm Ltd Valhall GPU Userspace Driver versions r19p0 through r53p0, update to a version outside of the affected range to resolve the issue.
For Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver versions r41p0 through r53p0, update to a version outside of the affected range to resolve the issue.
As a temporary workaround, consider restricting access to WebGL and WebGPU to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arm 5Th Gen Gpu Architecture Userspace Driver
Arm Bifrost Gpu Userspace Driver
Valhall Gpu Userspace Driver