Use After Free Vulnerability in Arm Ltd Valhall GPU Kernel Driver
CVE-2025-0073

7.8HIGH

Key Information:

Vendor: Arm Ltd
Status: Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 2 June 2025

What is CVE-2025-0073?

The vulnerability in Arm Ltd’s Valhall GPU Kernel Driver stems from a Use After Free flaw, which permits local non-privileged user processes to improperly handle GPU memory. This can lead to unauthorized access to freed memory, potentially allowing attackers to exploit the system’s memory management. The affected versions of the Valhall GPU Kernel Driver range from r53p0 before r54p0, alongside the Arm 5th Gen GPU Architecture Kernel Driver. Vigilance is advised for users operating these drivers.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r53p0

Valhall GPU Kernel Driver r53p0

References

https://developer.arm.com/documentation/110466/latest/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2025
Vulnerability Reserved
Dec 13, 2024

Credit

Man Yue Mo of GitHub Security Lab