{"timestamp":"2025-06-02T13:43:32.133322Z","id":"CVE-2025-1246","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Arm Ltd","product":"Bifrost GPU Userspace Driver","defaultStatus":"unaffected","versions":[{"version":"r18p0","lessThanOrEqual":"r49p3","versionType":"patch","status":"affected","changes":[{"at":"r49p4","status":"unaffected"}]},{"version":"r50p0","lessThanOrEqual":"r51p0","versionType":"patch","status":"affected","changes":[{"at":"r54p1","status":"unaffected"}]}]},{"vendor":"Arm Ltd","product":"Valhall GPU Userspace Driver","defaultStatus":"unaffected","versions":[{"version":"r28p0","lessThanOrEqual":"r49p3","versionType":"patch","status":"affected","changes":[{"at":"r49p4","status":"unaffected"}]},{"version":"r50p0","lessThanOrEqual":"r54p0","versionType":"patch","status":"affected","changes":[{"at":"r54p1","status":"unaffected"}]}]},{"vendor":"Arm Ltd","product":"Arm 5th Gen GPU Architecture Userspace Driver","defaultStatus":"unaffected","versions":[{"version":"r41p0","lessThanOrEqual":"r49p3","versionType":"patch","status":"affected","changes":[{"at":"r49p4","status":"unaffected"}]},{"version":"r50p0","lessThanOrEqual":"r54p0","versionType":"patch","status":"affected","changes":[{"at":"r54p1","status":"unaffected"}]}]}]

OR
          *cpe:2.3:a:arm:5th_gen_gpu_architecture_userspace_driver:*:*:*:*:*:*:*:* versions from (including) r41p0 up to (excluding) r49p4
          *cpe:2.3:a:arm:5th_gen_gpu_architecture_userspace_driver:*:*:*:*:*:*:*:* versions from (including) r50p0 up to (excluding) r54p1
          *cpe:2.3:a:arm:bifrost_gpu_userspace_driver:*:*:*:*:*:*:*:* versions from (including) r48p0 up to (excluding) r49p4
          *cpe:2.3:a:arm:bifrost_gpu_userspace_driver:r50p0:*:*:*:*:*:*:*
          *cpe:2.3:a:arm:bifrost_gpu_userspace_driver:r51p0:*:*:*:*:*:*:*
          *cpe:2.3:a:arm:valhall_gpu_userspace_driver:*:*:*:*:*:*:*:* versions from (including) r28p0 up to (excluding) r49p4
          *cpe:2.3:a:arm:valhall_gpu_userspace_driver:*:*:*:*:*:*:*:* versions from (including) r50p0 up to (excluding) r54p1

Arm Limited: https://developer.arm.com/documentation/110466/latest/ Types: Vendor Advisory

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0.

CWE-119

https://developer.arm.com/documentation/110466/latest/