CVE-2025-0932 — Use After Free in ARM 5TH GEN GPU Architecture Userspace Driver

CWE-416 — Use After Free4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.0%

top 86.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ARM 5TH GEN GPU Architecture Userspace Driver ARM Bifrost GPU Userspace Driver ARM Valhall GPU Userspace Driver +5 more

Timeline

PublishedAug 4

Latest updateFeb 26

Description

Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages8 packages

▶NVDarm/bifrost_gpu_userspace_driverr48p0 — r49p4+1

▶NVDarm/valhall_gpu_userspace_driverr48p0 — r49p4+1

▶NVDarm/5th_gen_gpu_architecture_userspace_driverr48p0 — r49p4+1

▶CVEListV5arm_ltd/bifrost_gpu_userspace_driverr48p0 — r49p3+1

▶CVEListV5arm_ltd/valhall_gpu_userspace_driverr48p0 — r49p3+1

🔴Vulnerability Details

GHSA

GHSA-mh44-5f8w-px3g: Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Users↗2025-08-04

▶

📋Vendor Advisories

Chrome

Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2025-0932↗2026-02-26

▶

Android

CVE-2025-0932: Mali↗2025-08-01

▶