CVE-2025-0932

MEDIUM

ARM 5th Gen Gpu Architecture Userspace Driver < r49p4 - Use After Free

Title source: rule

Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.

References (1)

[Vendor Advisory] https://developer.arm.com/documentation/110626/latest/

Scores

CVSS v3 4.3

EPSS 0.0004

EPSS Percentile 11.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-416

Status published

Affected Products (3)

arm/5th_gen_gpu_architecture_userspace_driver < r49p4

arm/bifrost_gpu_userspace_driver < r49p4

arm/valhall_gpu_userspace_driver < r49p4

Timeline

Published Aug 04, 2025

Tracked Since Feb 18, 2026