AI description
CVE-2025-0072 is a use-after-free vulnerability found in the Arm Ltd Valhall GPU Kernel Driver and Arm 5th Gen GPU Architecture Kernel Driver. It allows a local, non-privileged user process to perform improper GPU memory processing operations, potentially gaining access to memory that has already been freed. This vulnerability affects the Valhall GPU Kernel Driver versions r29p0 through r49p3, and r50p0 through r53p0, as well as the Arm 5th Gen GPU Architecture Kernel Driver versions r41p0 through r49p3, and r50p0 through r53p0. It was patched in Mali driver version r54p0, released on May 2, 2025, and was included in Android's May 2025 security update.
- Description
- Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p3, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p3, from r50p0 through r53p0.
- Source
- arm-security@arm.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Critical vulnerability CVE-2025-0072 in Arm Mali GPU driver allows MTE bypass and arbitrary kernel code execution. Update your devices now! https://t.co/pTkwNF85AS #Vulnerability #Security #Exploitation #Kernel #Update #Device #Technology #Arm #GPU #Driver #Threat #Patch #Malware
@dailytechonx
27 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical CVE-2025-0072 vulnerability affects Arm Mali GPU drivers, enabling attackers to bypass MTE and execute arbitrary kernel code on devices like Pixel 7, 8, & 9. Exploit involves GPU queue manipulation & use-after-free. 🚨 #Security #Android https://t.co/HDj2w6aU
@TweetThreatNews
27 May 2025
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Evitando MTE con CVE-2025-0072 – Mi Revista https://t.co/knQCfAZ4Kt #securidad #ciberseguridad
@RedesSocialesES
27 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072 https://t.co/IszwBm2hVA
@Karlitopepe
25 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In this post, Man Yue Mo(@mmolgtm) will look at CVE-2025-0072, a vulnerability in the Arm Mali GPU, and show how it can be exploited to gain kernel code execution even when MTE is enabled. https://t.co/jP8pH2XoqZ Exploit for Pixel 8 https://t.co/QJQDuzCHlT https://t.co/Kl05WmnBI
@xvonfers
24 May 2025
6455 Impressions
21 Retweets
98 Likes
57 Bookmarks
4 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072: https://t.co/c5ZJdvlvt7 #mte #android #cve #exploitation #vulnerability https://t.co/f8wbEiAjLO
@ale_sp_brazil
24 May 2025
2477 Impressions
12 Retweets
30 Likes
11 Bookmarks
0 Replies
0 Quotes
Evitando MTE con CVE-2025-0072 https://t.co/FvbajCQl3x
@MiRevista
23 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bypassing MTE with CVE-2025-0072 https://t.co/a1k0ahslLm #Microsoft #Azure #AppDev
@azure1dev
23 May 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0072 Use After Free Vulnerability in Arm GPU Kernel Drivers Enabling Local Memory Manipulation https://t.co/pz33PWRb7h
@VulmonFeeds
2 May 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای محصول TP-Link’s Smart Hub آسیب پذیری با کد شناسایی CVE-2025-0072 منتشر شده است که به دلیل ضعف در ساختار احراز هویت این محصول در Firmware مربوط به آن می باشد. https://t.co/Poz3aKY03t https://t.co/0315yuucBZ
@AmirHossein_sec
11 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8ACF6697-A7EB-4131-937C-AC3A1FB49923",
"versionEndIncluding": "r49p3",
"versionStartIncluding": "r41p0"
},
{
"criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20FA69E1-1B9E-423E-859D-D47526D843DD",
"versionEndIncluding": "r53p0",
"versionStartIncluding": "r50p0"
},
{
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28768B33-00EF-4196-8E9F-7A2D7C33C01C",
"versionEndIncluding": "r49p3",
"versionStartIncluding": "r29p0"
},
{
"criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CF9F3C4-CF1F-4A2B-B6C9-2CA9F8658B84",
"versionEndIncluding": "r53p0",
"versionStartIncluding": "r50p0"
}
],
"operator": "OR"
}
]
}
]