5.9
CVE-2025-0050
- EPSS 0.1%
- Veröffentlicht 07.04.2025 12:02:02
- Zuletzt bearbeitet 18.12.2025 15:27:59
- Quelle arm-security@arm.com
- CVE-Watchlists
- Unerledigt
LoginImproper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arm ≫ 5th Gen Gpu Architecture Userspace Driver Version >= r41p0 < r49p3
Arm ≫ 5th Gen Gpu Architecture Userspace Driver Version >= r50p0 < r54p0
Arm ≫ Bifrost Gpu Userspace Driver Version >= r0p0 < r49p3
Arm ≫ Bifrost Gpu Userspace Driver Version >= r50p0 <= r51p0
Arm ≫ Valhall Gpu Userspace Driver Version >= r19p0 < r49p3
Arm ≫ Valhall Gpu Userspace Driver Version >= r50p0 < r54p0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.1% | 0.274 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.9 | 2.5 | 3.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.