Lukas Bernhard
·
Published
2025-08-04
·
Updated
2025-08-04
·
CVE-2025-0932
4.3
Medium
| Base vector | Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Arm Ltd Bifrost GPU Userspace Driver versions r48p0 through r49p3, and r50p0 through r51p0
Arm Ltd Valhall GPU Userspace Driver versions r48p0 through r49p3, and r50p0 through r54p0
Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver versions r48p0 through r49p3, and r50p0 through r54p0
Description:
A Use After Free vulnerability exists in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, and Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver. This allows a non-privileged user process to perform GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.
Recommendations:
Arm Ltd Bifrost GPU Userspace Driver versions r48p0 through r49p3, and r50p0 through r51p0: Update to a newer version.
Arm Ltd Valhall GPU Userspace Driver versions r48p0 through r49p3, and r50p0 through r54p0: Update to a newer version.
Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver versions r48p0 through r49p3, and r50p0 through r54p0: Update to a newer version.
Fix
Use After Free