← Back

CVE-2025-0050

nvd nist
Published: Apr 7, 2025Modified: Dec 18, 2025

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Exploitability: 2.5 / Impact: 3.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.

Affected (6)

Arm
3 products
5th Gen Gpu Architecture Userspace Driver
Bifrost Gpu Userspace Driver
Valhall Gpu Userspace Driver
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Arm
5th Gen Gpu Architecture Userspace Driver
From r41p0 to r49p3
5th Gen Gpu Architecture Userspace Driver
From r50p0 to r54p0
Arm
Bifrost Gpu Userspace Driver
From r0p0 to r49p3
Bifrost Gpu Userspace Driver
From r50p0 to r51p0
Arm
Valhall Gpu Userspace Driver
From r19p0 to r49p3
Valhall Gpu Userspace Driver
From r50p0 to r54p0

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (1)

Source: arm-security@arm.com
Vendor Advisory

Timeline

No history available yet.