CVE-2025-1246— Mali GPU Userspace Driver allows an Out-of-Bounds access
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-1246
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mali GPU Userspace Driver allows an Out-of-Bounds access
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
ARM多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ARM Bifrost GPU Userspace Driver是英国ARM公司的一个用户空间驱动程序。 ARM多款产品存在安全漏洞,该漏洞源于内存缓冲区边界限制不当,可能导致越界访问。以下产品和版本受到影响:Arm Ltd Bifrost GPU Userspace Driver r18p0至r49p3版本和r50p0至r51p0版本、Arm Ltd Valhall GPU Userspace Driver r28p0至r49p3版本和r50p0至r54p0版本、Arm Ltd Arm 5th Gen
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Arm Ltd | Bifrost GPU Userspace Driver | r18p0 ~ r49p3 | - | |
| Arm Ltd | Valhall GPU Userspace Driver | r28p0 ~ r49p3 | - | |
| Arm Ltd | Arm 5th Gen GPU Architecture Userspace Driver | r41p0 ~ r49p3 | - |
II. Public POCs for CVE-2025-1246
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-1246
请登录查看更多情报信息。
Same Patch Batch · Arm Ltd · 2025-06-02 · 3 CVEs total
| CVE-2025-0819 | Mali GPU Kernel Driver allows access to already freed memory | |
| CVE-2025-0073 | Mali GPU Kernel Driver allows improper GPU memory processing operations |
IV. Related Vulnerabilities
Same vendor: Arm Ltd
- CVE-2025-6349
Mali GPU Kernel Driver allows improper GPU memory processing - CVE-2025-8045
Mali GPU Kernel Driver allows improper GPU processing operat - CVE-2025-2879
Mali GPU Kernel Driver allows improper GPU processing operat - CVE-2025-3212
Mali GPU Kernel Driver allows access to already freed memory - CVE-2025-0932
Mali GPU Userspace Driver allows access to already freed mem
Same weakness: CWE-119
- CVE-2026-22167
GPU DDK - Cache resident PM buffers writable by other GPU re - CVE-2026-27890
Firebird has Pre-Auth DOS when Processing Out of Order CNCT_ - CVE-2026-34864
Huawei HarmonyOS 安全漏洞 - CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code - CVE-2026-34988
Wasmtime leaks data between pooling allocator instances
V. Comments for CVE-2025-1246
No comments yet