{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-0932", "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "state": "PUBLISHED", "assignerShortName": "Arm", "dateReserved": "2025-01-31T14:19:56.294Z", "datePublished": "2025-08-04T10:00:57.639Z", "dateUpdated": "2025-08-06T03:55:29.726Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Bifrost GPU Userspace Driver", "vendor": "Arm Ltd", "versions": [{"changes": [{"at": "r49p4", "status": "unaffected"}], "lessThanOrEqual": "r49p3", "status": "affected", "version": "r48p0", "versionType": "patch"}, {"changes": [{"at": "r54p1", "status": "unaffected"}], "lessThanOrEqual": "r51p0", "status": "affected", "version": "r50p0", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Valhall GPU Userspace Driver", "vendor": "Arm Ltd", "versions": [{"changes": [{"at": "r49p4", "status": "unaffected"}], "lessThanOrEqual": "r49p3", "status": "affected", "version": "r48p0", "versionType": "patch"}, {"changes": [{"at": "r54p1", "status": "unaffected"}], "lessThanOrEqual": "r54p0", "status": "affected", "version": "r50p0", "versionType": "patch"}]}, {"defaultStatus": "unaffected", "product": "Arm 5th Gen GPU Architecture Userspace Driver", "vendor": "Arm Ltd", "versions": [{"changes": [{"at": "r49p4", "status": "unaffected"}], "lessThanOrEqual": "r49p3", "status": "affected", "version": "r48p0", "versionType": "patch"}, {"changes": [{"at": "r54p1", "status": "unaffected"}], "lessThanOrEqual": "r54p0", "status": "affected", "version": "r50p0", "versionType": "patch"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Lukas Bernhard"}], "datePublic": "2025-08-04T09:58:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.<p>This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.</p>"}], "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm", "dateUpdated": "2025-08-04T10:00:57.639Z"}, "references": [{"url": "https://developer.arm.com/documentation/110626/latest/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This issue has been fixed in the following versions: Bifrost GPU Userspace Driver r49p4, r54p1; Valhall GPU Userspace Driver r49p4, r54p1; Arm 5th Gen GPU Architecture Userspace Driver r49p4, r54p1. Arm recommends that affected users upgrade to the latest applicable version to protect against this issue.<br>"}], "value": "This issue has been fixed in the following versions: Bifrost GPU Userspace Driver r49p4, r54p1; Valhall GPU Userspace Driver r49p4, r54p1; Arm 5th Gen GPU Architecture Userspace Driver r49p4, r54p1. Arm recommends that affected users upgrade to the latest applicable version to protect against this issue."}], "source": {"discovery": "UNKNOWN"}, "title": "Mali GPU Userspace Driver allows access to already freed memory", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-08-05T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-0932"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-06T03:55:29.726Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-0932", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-05T18:33:32.849694Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-05T18:32:59.832Z"}}], "cna": {"title": "Mali GPU Userspace Driver allows access to already freed memory", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lukas Bernhard"}], "affected": [{"vendor": "Arm Ltd", "product": "Bifrost GPU Userspace Driver", "versions": [{"status": "affected", "changes": [{"at": "r49p4", "status": "unaffected"}], "version": "r48p0", "versionType": "patch", "lessThanOrEqual": "r49p3"}, {"status": "affected", "changes": [{"at": "r54p1", "status": "unaffected"}], "version": "r50p0", "versionType": "patch", "lessThanOrEqual": "r51p0"}], "defaultStatus": "unaffected"}, {"vendor": "Arm Ltd", "product": "Valhall GPU Userspace Driver", "versions": [{"status": "affected", "changes": [{"at": "r49p4", "status": "unaffected"}], "version": "r48p0", "versionType": "patch", "lessThanOrEqual": "r49p3"}, {"status": "affected", "changes": [{"at": "r54p1", "status": "unaffected"}], "version": "r50p0", "versionType": "patch", "lessThanOrEqual": "r54p0"}], "defaultStatus": "unaffected"}, {"vendor": "Arm Ltd", "product": "Arm 5th Gen GPU Architecture Userspace Driver", "versions": [{"status": "affected", "changes": [{"at": "r49p4", "status": "unaffected"}], "version": "r48p0", "versionType": "patch", "lessThanOrEqual": "r49p3"}, {"status": "affected", "changes": [{"at": "r54p1", "status": "unaffected"}], "version": "r50p0", "versionType": "patch", "lessThanOrEqual": "r54p0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "This issue has been fixed in the following versions: Bifrost GPU Userspace Driver r49p4, r54p1; Valhall GPU Userspace Driver r49p4, r54p1; Arm 5th Gen GPU Architecture Userspace Driver r49p4, r54p1. Arm recommends that affected users upgrade to the latest applicable version to protect against this issue.", "supportingMedia": [{"type": "text/html", "value": "This issue has been fixed in the following versions: Bifrost GPU Userspace Driver r49p4, r54p1; Valhall GPU Userspace Driver r49p4, r54p1; Arm 5th Gen GPU Architecture Userspace Driver r49p4, r54p1. Arm recommends that affected users upgrade to the latest applicable version to protect against this issue.<br>", "base64": false}]}], "datePublic": "2025-08-04T09:58:00.000Z", "references": [{"url": "https://developer.arm.com/documentation/110626/latest/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.", "supportingMedia": [{"type": "text/html", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.<p>This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416 Use After Free"}]}], "providerMetadata": {"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "shortName": "Arm", "dateUpdated": "2025-08-04T10:00:57.639Z"}}}, "cveMetadata": {"cveId": "CVE-2025-0932", "state": "PUBLISHED", "dateUpdated": "2025-08-06T03:55:29.726Z", "dateReserved": "2025-01-31T14:19:56.294Z", "assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846", "datePublished": "2025-08-04T10:00:57.639Z", "assignerShortName": "Arm"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0."}, {"lang": "es", "value": "La vulnerabilidad Use After Free en los controladores de espacio de usuario de GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver permite que un proceso de usuario sin privilegios realice operaciones de procesamiento de GPU v\u00e1lidas, incluso mediante WebGL o WebGPU, para obtener acceso a memoria ya liberada. Este problema afecta a los controladores de espacio de usuario de GPU Bifrost: de r48p0 a r49p3 y de r50p0 a r51p0; a los controladores de espacio de usuario de GPU Valhall: de r48p0 a r49p3 y de r50p0 a r54p0; y a los controladores de espacio de usuario de arquitectura de GPU de Arm 5.\u00aa generaci\u00f3n: de r48p0 a r49p3 y de r50p0 a r54p0."}], "id": "CVE-2025-0932", "lastModified": "2025-08-05T19:15:31.237", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-08-04T10:15:27.547", "references": [{"source": "arm-security@arm.com", "url": "https://developer.arm.com/documentation/110626/latest/"}], "sourceIdentifier": "arm-security@arm.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "arm-security@arm.com", "type": "Secondary"}]}

{}

{"created": "2025-08-05T07:25:40.239566+00:00", "updated": "2025-08-05T07:25:40.239619+00:00", "vendors": ["arm", "arm$PRODUCT$5th_gen_gpu_architecture_userspace_driver", "arm$PRODUCT$bifrost_gpu_userspace_driver", "arm$PRODUCT$valhall_gpu_userspace_driver"]}