CVE-2025-1246

02.06.2025, 11:15

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Arm	CNA	---				---
CISA-ADP	ADP	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Vendor	Product	Version
arm	5th_gen_gpu_architecture_userspace_driver	r41p0 ≤ 𝑥 < r49p4
arm	5th_gen_gpu_architecture_userspace_driver	r50p0 ≤ 𝑥 < r54p1
arm	bifrost_gpu_userspace_driver	r48p0 ≤ 𝑥 < r49p4
arm	valhall_gpu_userspace_driver	r28p0 ≤ 𝑥 < r49p4
arm	valhall_gpu_userspace_driver	r50p0 ≤ 𝑥 < r54p1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

https://developer.arm.com/documentation/110466/latest/