- Description
- Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.
- Source
- arm-security@arm.com
- NVD status
- Analyzed
- Products
- 5th_gen_gpu_architecture_kernel_driver, valhall_gpu_kernel_driver
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2025-0072 2 - CVE-2026-23760 3 - CVE-2025-27237 4 - CVE-2024-37079 5 - CVE-2026-24061 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
27 Jan 2026
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
C Bit Twiddling for Checksums: 2025 Exploits Bit twiddling for checksums in C is fast but error-prone, enabling exploits like CVE-2025-0072. Wrong bit ops corrupt data integrity. Test with known inputs. https://t.co/8e6EP8wuSM
@datareaperai
13 Aug 2025
486 Impressions
0 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
#exploit #Kernel_Security 1. CVE-2025-21204: Abusing the Windows Update Stack to Gain SYSTEM Access https://t.co/8ylvL8ufqu 2. Bypassing MTE with CVE-2025-0072 (Arm Mali GPU kernel code execution) https://t.co/u4Kkub9Wv3 ]-> PoC: https://t.co/LAOp98tvWr
@ksg93rd
10 Jun 2025
2042 Impressions
21 Retweets
44 Likes
26 Bookmarks
0 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072 Article by @mmolgtm about exploiting a page use-after-free vulnerability in the ARM's Mali GPU driver in the code that manages userspace-mapped pages. https://t.co/gLfxDrcIOB https://t.co/2Mgevk4Cka
@linkersec
9 Jun 2025
2718 Impressions
16 Retweets
68 Likes
30 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-0072
@transilienceai
8 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-0072
@transilienceai
29 May 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical vulnerability CVE-2025-0072 in Arm Mali GPU driver allows MTE bypass and arbitrary kernel code execution. Update your devices now! https://t.co/pTkwNF85AS #Vulnerability #Security #Exploitation #Kernel #Update #Device #Technology #Arm #GPU #Driver #Threat #Patch #Malware
@dailytechonx
27 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical CVE-2025-0072 vulnerability affects Arm Mali GPU drivers, enabling attackers to bypass MTE and execute arbitrary kernel code on devices like Pixel 7, 8, & 9. Exploit involves GPU queue manipulation & use-after-free. 🚨 #Security #Android https://t.co/HDj2w6aU
@TweetThreatNews
27 May 2025
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0072は、Arm Mali GPUのCSFアーキテクチャに存在する重大な脆弱性である。Pixel 7〜9シリーズなどの最新Android端末が対象で、攻撃者はMTE(Memory Tagging Extension)を回避してカーネルコードを任意に実行可能とな
@yousukezan
27 May 2025
802 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Evitando MTE con CVE-2025-0072 – Mi Revista https://t.co/knQCfAZ4Kt #securidad #ciberseguridad
@RedesSocialesES
27 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072 https://t.co/IszwBm2hVA
@Karlitopepe
25 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In this post, Man Yue Mo(@mmolgtm) will look at CVE-2025-0072, a vulnerability in the Arm Mali GPU, and show how it can be exploited to gain kernel code execution even when MTE is enabled. https://t.co/jP8pH2XoqZ Exploit for Pixel 8 https://t.co/QJQDuzCHlT https://t.co/Kl05WmnBI
@xvonfers
24 May 2025
6455 Impressions
21 Retweets
98 Likes
57 Bookmarks
4 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072: https://t.co/c5ZJdvlvt7 #mte #android #cve #exploitation #vulnerability https://t.co/f8wbEiAjLO
@ale_sp_brazil
24 May 2025
2477 Impressions
12 Retweets
30 Likes
11 Bookmarks
0 Replies
0 Quotes
Evitando MTE con CVE-2025-0072 https://t.co/FvbajCQl3x
@MiRevista
23 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072 https://t.co/a1k0ahslLm #Microsoft #Azure #AppDev
@azure1dev
23 May 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0072 Use After Free Vulnerability in Arm GPU Kernel Drivers Enabling Local Memory Manipulation https://t.co/pz33PWRb7h
@VulmonFeeds
2 May 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای محصول TP-Link’s Smart Hub آسیب پذیری با کد شناسایی CVE-2025-0072 منتشر شده است که به دلیل ضعف در ساختار احراز هویت این محصول در Firmware مربوط به آن می باشد. https://t.co/Poz3aKY03t https://t.co/0315yuucBZ
@AmirHossein_sec
11 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ACF6697-A7EB-4131-937C-AC3A1FB49923",
"versionEndIncluding": "r49p3",
"versionStartIncluding": "r41p0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20FA69E1-1B9E-423E-859D-D47526D843DD",
"versionEndIncluding": "r53p0",
"versionStartIncluding": "r50p0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28768B33-00EF-4196-8E9F-7A2D7C33C01C",
"versionEndIncluding": "r49p3",
"versionStartIncluding": "r29p0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF9F3C4-CF1F-4A2B-B6C9-2CA9F8658B84",
"versionEndIncluding": "r53p0",
"versionStartIncluding": "r50p0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]