{"id":59702,"date":"2025-07-28T09:41:00","date_gmt":"2025-07-28T09:41:00","guid":{"rendered":""},"modified":"2025-10-02T05:37:04","modified_gmt":"2025-10-02T11:37:04","slug":"cve-2025-0819-use-after-free-vulnerability-in-arm-ltd-gpu-kernel-drivers","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-0819-use-after-free-vulnerability-in-arm-ltd-gpu-kernel-drivers\/","title":{"rendered":"CVE-2025-0819: Use After Free Vulnerability in Arm Ltd GPU Kernel Drivers<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

In the dynamic landscape of cybersecurity, a critical vulnerability, CVE-2025-0819, has been discovered in various GPU kernel drivers developed by Arm Ltd, a leading technology provider of silicon IP and custom SoCs. This vulnerability exposes systems to potential compromise and data leakage, making it a significant concern for organizations that rely on these GPU drivers for their operations. The affected drivers include Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver, and Arm 5th Gen GPU<\/a> Architecture Kernel Driver.
\nThe vulnerability essentially allows<\/a> a local non-privileged user process to perform valid GPU memory processing operations on already freed memory. Consequently, it opens up the potential for unauthorized<\/a> access to sensitive data and compromises system integrity.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-0819
\nSeverity: High (7.8 CVSS Score)
\nAttack Vector: Local
\nPrivileges Required: None (Non-Privileged User Process)
\nUser Interaction: None
\nImpact: Potential system compromise<\/a> and data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n