CVE-2025-0819: Mali GPU Kernel Driver allows access to already freed memory

Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0.

Classification

CVE ID: CVE-2025-0819

Problem Types

CWE-416 Use After Free

Affected Products

Vendor: Arm Ltd

Product: Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver, Arm 5th Gen GPU Architecture Kernel Driver

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 1.72% (scored less or equal to compared to others)

EPSS Date: 2025-06-08 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0819
https://developer.arm.com/documentation/110466/latest/

Timeline

2025-06-02 12:40:22 UTC
CVE

Mali GPU Kernel Driver allows access to already freed memory