Skip to main content

Bifrost Gpu Userspace Driver CVE-2025-1246

| EUVDEUVD-2025-16637 HIGH
Buffer Overflow (CWE-119)
2025-06-02 arm-security@arm.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 16:47 euvd
EUVD-2025-16637
Analysis Generated
Mar 14, 2026 - 16:47 vuln.today
CVE Published
Jun 02, 2025 - 11:15 nvd
HIGH 7.8

DescriptionCVE.org

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.

AnalysisAI

Buffer over-read vulnerability in Arm GPU userspace drivers (Bifrost, Valhall, and 5th Gen architectures) that allows unprivileged local users to access memory outside allocated buffer bounds through valid GPU operations including WebGL and WebGPU. The vulnerability affects multiple driver versions across three GPU architectures and has a CVSS score of 7.8 with high impact on confidentiality, integrity, and availability; exploitation status and POC availability are not documented in the provided data.

Technical ContextAI

This vulnerability exists in the userspace GPU drivers for Arm's GPU architectures, which handle GPU memory management and buffer allocation for graphics workloads. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating inadequate bounds checking when the driver processes GPU operations. The affected drivers are: (1) Bifrost GPU Userspace Driver versions r18p0-r49p3 and r50p0-r51p0; (2) Valhall GPU Userspace Driver versions r28p0-r49p3 and r50p0-r54p0; (3) Arm 5th Gen GPU Architecture Userspace Driver versions r41p0-r49p3 and r50p0-r54p0. The vulnerability can be triggered through standard GPU interfaces including WebGL (via browser graphics rendering) and WebGPU (next-gen GPU API), meaning exploitation does not require direct GPU driver access but can occur through web-based GPU processing, significantly expanding the attack surface.

RemediationAI

Users should update to patched driver versions beyond the affected ranges: for Bifrost GPU Userspace Driver, upgrade to r51p1 or later (beyond r51p0); for Valhall GPU Userspace Driver, upgrade to r54p1 or later (beyond r54p0); for Arm 5th Gen GPU Architecture Userspace Driver, upgrade to r54p1 or later (beyond r54p0). OEMs and device manufacturers should consult Arm's official security advisories for their specific GPU driver lineage and apply patches through firmware updates. Interim mitigations pending patch deployment include: disabling WebGPU if not required (browser configuration), restricting WebGL in untrusted contexts via Content Security Policy, running untrusted applications in isolated sandboxes, and monitoring for suspicious GPU memory access patterns. System administrators should prioritize patching systems that run multi-user workloads or expose GPU functionality to untrusted code.

Share

CVE-2025-1246 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy