Arm Bifrost GPU Userspace Driver
Moderate fix2 remedies
cpe:2.3:a:arm:bifrost_gpu_kernel_driver:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= r48p0, <= r49p3
- >= r50p0, <= r51p0
Arm Mali GPU Drivers Use-After-Free Vulnerability Allowing Memory Access
Vulnerability
Patched
A use-after-free vulnerability has been identified in the Arm Mali GPU Userspace Drivers for Bifrost, Valhall, and the 5th Gen GPU Architecture. This vulnerability allows a non-privileged user process to access already freed memory by performing valid GPU operations, including through WebGL or WebGPU. The issue is present in the Bifrost GPU Userspace Driver versions r48p0 prior to r49p3 and r50p0 prior to r51p0, as well as in the Valhall GPU Userspace Driver and the Arm 5th Gen GPU Architecture Userspace Driver, both of which are affected in versions r48p0 prior to r49p3 and r50p0 prior to r54p0.
Impact
Exploitation of this vulnerability could lead to unauthorized access to freed memory, potentially allowing for memory corruption or other unintended behavior in applications using the GPU drivers.
Remediation
Users are advised to upgrade to the latest versions of the affected drivers. The Bifrost, Valhall, and Arm 5th Gen GPU Architecture Userspace Drivers have been fixed in versions r49p4 and r54p1. The latest applicable versions can be downloaded from the Mali Driver Downloads page on the Arm Developer website.
Added: Aug 4, 2025, 10:19 AM
Updated: Aug 4, 2025, 10:19 AM
Vulnerability Rating
Custom Algorithm
spread
8.4impact
0.0exploitability
2.9remediation
7.7relevance
0.3threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.