CVE-2025-0073

Published Jun 2, 2025

Last updated 15 days ago

CVSS high 7.8

Overview

Description: Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0.
Source: arm-security@arm.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

arm-security@arm.com: CWE-416

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:r53p0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "286DD633-0184-413A-A39A-58CE2D469712"
          },
          {
            "criteria": "cpe:2.3:a:arm:valhall_gpu_kernel_driver:r53p0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C77780C0-FA5F-4859-B983-4ECCF1098BCA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References