Vulnerability Description
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arm | 5Th Gen Gpu Architecture Userspace Driver | >= r41p0, < r49p4 |
| Arm | Bifrost Gpu Userspace Driver | >= r48p0, < r49p4 |
| Arm | Valhall Gpu Userspace Driver | >= r28p0, < r49p4 |
Related Weaknesses (CWE)
References
- https://developer.arm.com/documentation/110466/latest/Vendor Advisory
FAQ
What is CVE-2025-1246?
CVE-2025-1246 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architectur...
How severe is CVE-2025-1246?
CVE-2025-1246 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-1246?
Check the references section above for vendor advisories and patch information. Affected products include: Arm 5Th Gen Gpu Architecture Userspace Driver, Arm Bifrost Gpu Userspace Driver, Arm Valhall Gpu Userspace Driver.