Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.
History

Tue, 05 Aug 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 05 Aug 2025 07:45:00 +0000

Type Values Removed Values Added
First Time appeared Arm
Arm 5th Gen Gpu Architecture Userspace Driver
Arm bifrost Gpu Userspace Driver
Arm valhall Gpu Userspace Driver
Vendors & Products Arm
Arm 5th Gen Gpu Architecture Userspace Driver
Arm bifrost Gpu Userspace Driver
Arm valhall Gpu Userspace Driver

Mon, 04 Aug 2025 10:15:00 +0000

Type Values Removed Values Added
Description Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.
Title Mali GPU Userspace Driver allows access to already freed memory
Weaknesses CWE-416
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Arm

Published: 2025-08-04T10:00:57.639Z

Updated: 2025-08-06T03:55:29.726Z

Reserved: 2025-01-31T14:19:56.294Z

Link: CVE-2025-0932

cve-icon Vulnrichment

Updated: 2025-08-05T18:32:59.832Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-04T10:15:27.547

Modified: 2025-08-05T19:15:31.237

Link: CVE-2025-0932

cve-icon Redhat

No data.