Use After Free Vulnerability in Arm Ltd Valhall GPU Kernel Driver
CVE-2025-0015

7.8HIGH

Key Information:

Vendor: Arm Ltd
Status: Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 3 February 2025

What is CVE-2025-0015?

A Use After Free vulnerability in the Valhall and 5th Gen GPU Kernel Drivers provided by Arm Ltd allows local non-privileged user processes to improperly perform GPU operations. This flaw can lead to the exploitation of freed memory, potentially compromising system integrity and security. The affected driver versions range from r48p0 to r52p0, highlighting the necessity for users to ensure their systems are updated to mitigate any risks associated with this vulnerability.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r48p0

Arm 5th Gen GPU Architecture Kernel Driver r50p0

Valhall GPU Kernel Driver r48p0

References

https://developer.arm.com/Arm%20Security%20Center/Mali%20...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2025
Vulnerability Reserved
Oct 17, 2024