On February 3, 2025, Arm disclosed a vulnerability in the Mali GPU Kernel Driver that allows improper GPU processing operations.
This issue affects Valhall GPU Kernel Driver versions ranging from r48p0 to r49p1 and r50p0 to r52p0, as well as the Arm 5th Gen GPU Architecture Kernel Driver within the same version ranges.
The flaw enables a local, non-privileged user to access already freed memory through improper GPU operations.
Arm has resolved this issue in Valhall and Arm 5th Gen GPU Architecture Kernel Driver versions r49p2 and r53p0.
Users are advised to upgrade to these versions to mitigate potential risks.
Another critical vulnerability reported on February 3, 2025, involves the Mali GPU Kernel Driver causing system unresponsiveness.
This issue impacts Bifrost, Valhall, and Arm 5th Gen GPU Architecture Kernel Drivers across various versions, including r44p1, r46p0 to r49p0, and r50p0 to r51p0.
| CVE ID(s) | Description | Fixed in Versions |
|---|---|---|
| CVE-2025-0015 | Allows improper GPU processing operations | r49p2, r53p0 |
| CVE-2024-6790 | Can cause system unresponsiveness via GPU memory ops | r49p1, r52p0 |
| CVE-2024-3655, CVE-2024-2937, CVE-2024-4607 | Improper GPU memory processing operations | r49p1, r50p0 |
| CVE-2024-0153 | Affects GPU firmware, potentially enabling full system memory access | r47p0 |
Exploitation of this vulnerability allows a non-privileged user to execute valid GPU memory processing operations such as those via WebGL or WebGPU that render the entire system unresponsive.
Fixes have been implemented in Bifrost GPU Kernel Driver version r49p1 and Valhall/Arm 5th Gen GPU Architecture Kernel Driver versions r49p1 and r52p0.
Users are urged to update their systems accordingly. These vulnerabilities highlight the importance of timely updates to protect against potential exploitation and maintain system integrity.
Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free
Researchers have successfully infiltrated the digital fortress of one of the most prolific ransomware groups,…
CISA announced an eleventh-hour contract extension with MITRE Corporation to maintain the Common Vulnerabilities and…
Hackers have launched sophisticated schemes designed to defraud investors and steal their financial data. Utilizing…
Cybercriminals are exploiting an AI-powered presentation tool called Gamma to launch a multi-stage attack aimed…
Automated traffic generated by bad bots has for the first time surpassed human activity, accounting…
Landmark Admin, LLC (“Landmark”), a Texas-based third-party administrator for life insurance carriers, has confirmed that…
