CVE-2025-0819

Published: Jun 2, 2025Modified: Jul 2, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0.

Affected (7)

Products: Arm: 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver

Arm

3 products

5th Gen Gpu Architecture Kernel Driver

Bifrost Gpu Kernel Driver

Valhall Gpu Kernel Driver

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Arm 5th Gen Gpu Architecture Kernel Driver	From r44p0 to r49p4
Arm 5th Gen Gpu Architecture Kernel Driver	From r50p0 to r54p1
Arm Bifrost Gpu Kernel Driver	From r44p0 to r49p4
Arm Bifrost Gpu Kernel Driver	Version r50p0
Arm Bifrost Gpu Kernel Driver	Version r51p0
Arm Valhall Gpu Kernel Driver	From r44p0 to r49p4
Arm Valhall Gpu Kernel Driver	From r50p0 to r54p1

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (1)

https://developer.arm.com/documentation/110466/latest/

Source: arm-security@arm.com

Vendor Advisory

Timeline

No history available yet.