CVE-2025-2879

5.1 MEDIUM

Published: December 01, 2025 Modified: December 02, 2025

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://developer.arm.com/documentation/110697/latest/

Source: arm-security@arm.com

Vendor Advisory

1 reference(s) from NVD

Quick Stats

CVSS v3 Score

5.1 / 10.0

EPSS (Exploit Probability)

0.0%

4th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

arm

Related CVEs

CVE-2026-3988 7.5

CVE-2026-3857 8.1

CVE-2026-34085 5.9

CVE-2026-32573 N/A

CVE-2026-32567 N/A