Sensitive Data Exposure in Arm Ltd Valhall GPU Kernel Driver
CVE-2025-2879

5.1MEDIUM

Key Information:

Vendor: Arm
Status: Valhall Gpu Kernel Driver; Arm 5th Gen Gpu Architecture Kernel Driver
Vendor: CVE Published:; 1 December 2025

What is CVE-2025-2879?

A vulnerability in Arm Ltd's Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver allows local non-privileged user processes to execute improper GPU operations. This may lead to the exposure of sensitive information to unauthorized actors. This issue primarily affects multiple versions of the Valhall GPU Kernel Driver and the Arm 5th Gen GPU Architecture Kernel Driver, highlighting a serious risk for users relying on these components.

Affected Version(s)

Arm 5th Gen GPU Architecture Kernel Driver r41p0

Arm 5th Gen GPU Architecture Kernel Driver r50p0

Valhall GPU Kernel Driver r29p0

References

https://developer.arm.com/documentation/110697/latest/

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 1, 2025
Vulnerability Reserved
Mar 27, 2025

JSON