CVE-2025-0073: Mali GPU Kernel Driver allows improper GPU memory processing operations

Description

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0.

Classification

CVE ID: CVE-2025-0073

Problem Types

CWE-416 Use After Free

Affected Products

Vendor: Arm Ltd

Product: Valhall GPU Kernel Driver, Arm 5th Gen GPU Architecture Kernel Driver

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 1.72% (scored less or equal to compared to others)

EPSS Date: 2025-06-08 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0073
https://developer.arm.com/documentation/110466/latest/

Timeline

2025-06-02 12:40:22 UTC
CVE

Mali GPU Kernel Driver allows improper GPU memory processing operations