Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-2879

Summary
Assigner-Arm
Assigner Org ID-56a131ea-b967-4a0d-a41e-5f3549952846
Published At-01 Dec, 2025 | 10:32
Updated At-01 Dec, 2025 | 18:15
Rejected At-
Credits

Mali GPU Kernel Driver allows improper GPU processing operations

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Arm
Assigner Org ID:56a131ea-b967-4a0d-a41e-5f3549952846
Published At:01 Dec, 2025 | 10:32
Updated At:01 Dec, 2025 | 18:15
Rejected At:
â–¼CVE Numbering Authority (CNA)
Mali GPU Kernel Driver allows improper GPU processing operations

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

Affected Products
Vendor
Arm LimitedArm Ltd
Product
Valhall GPU Kernel Driver
Default Status
unaffected
Versions
Affected
  • From r29p0 through r49p4 (patch)
    • -> unaffectedfromr49p5
  • From r50p0 through r54p0 (patch)
    • -> unaffectedfromr54p1
    • -> unaffectedfromr55p0
Vendor
Arm LimitedArm Ltd
Product
Arm 5th Gen GPU Architecture Kernel Driver
Default Status
unaffected
Versions
Affected
  • From r41p0 through r49p4 (patch)
    • -> unaffectedfromr49p5
  • From r50p0 through r54p0 (patch)
    • -> unaffectedfromr54p1
    • -> unaffectedfromr55p0
Problem Types
TypeCWE IDDescription
CWECWE-200CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Type: CWE
CWE ID: CWE-200
Description: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

This issue has been fixed in the following versions: Valhall GPU Kernel Driver r49p5, r54p1, r55p0; Arm 5th Gen GPU Architecture Kernel Driver r49p5, r54p1, r55p0. Arm partners are recommended to upgrade to use the latest applicable version as soon as possible.

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://developer.arm.com/documentation/110697/latest/
N/A
Hyperlink: https://developer.arm.com/documentation/110697/latest/
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.15.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:arm-security@arm.com
Published At:01 Dec, 2025 | 11:15
Updated At:02 Dec, 2025 | 14:43

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to expose sensitive data.This issue affects Valhall GPU Kernel Driver: from r29p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.1MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CPE Matches
Arm Limited
arm
>>5th_gen_gpu_architecture_kernel_driver>>Versions from r41p0(inclusive) to r49p5(exclusive)
cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*
Arm Limited
arm
>>5th_gen_gpu_architecture_kernel_driver>>Versions from r50p0(inclusive) to r54p1(exclusive)
cpe:2.3:a:arm:5th_gen_gpu_architecture_kernel_driver:*:*:*:*:*:*:*:*
Arm Limited
arm
>>valhall_gpu_kernel_driver>>Versions from r29p0(inclusive) to r49p5(exclusive)
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
Arm Limited
arm
>>valhall_gpu_kernel_driver>>Versions from r50p0(inclusive) to r54p1(exclusive)
cpe:2.3:a:arm:valhall_gpu_kernel_driver:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-200Secondaryarm-security@arm.com
CWE ID: CWE-200
Type: Secondary
Source: arm-security@arm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://developer.arm.com/documentation/110697/latest/arm-security@arm.com
Vendor Advisory
Hyperlink: https://developer.arm.com/documentation/110697/latest/
Source: arm-security@arm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2024-7881
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-5.1||MEDIUM
EPSS-0.12% / 31.19%
||
7 Day CHG~0.00%
Published-28 Jan, 2025 | 15:01
Updated-18 Dec, 2025 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is also dereferenced.

Action-Not Available
Vendor-Arm Limited
Product-c1-pro_firmwarec1-premium_firmwareneoverse-v3_firmwarec1-ultracortex-x4_firmwarec1-ultra_firmwareneoverse-v3ae_firmwarecortex-x4neoverse-v3cortex-x925_firmwarec1-premiumcortex-x925c1-procortex-x3neoverse-v3aeneoverse-v2_firmwareneoverse-v2cortex-x3_firmwareCortex-X925Neoverse V2Cortex-X4Neoverse V3C1-ProC1-PremiumCortex-X3Neoverse V3AEC1-Ultra
CWE ID-CWE-203
Observable Discrepancy
CWE ID-CWE-1422
Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
CVE-2025-6349
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-5.1||MEDIUM
EPSS-0.01% / 0.32%
||
7 Day CHG~0.00%
Published-01 Dec, 2025 | 10:32
Updated-02 Dec, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 through r54p1; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 through r54p1.

Action-Not Available
Vendor-Arm Limited
Product-5th_gen_gpu_architecture_kernel_drivervalhall_gpu_kernel_driverValhall GPU Kernel DriverArm 5th Gen GPU Architecture Kernel Driver
CWE ID-CWE-416
Use After Free
CVE-2024-10929
Matching Score-8
Assigner-Arm Limited
ShareView Details
Matching Score-8
Assigner-Arm Limited
CVSS Score-5.1||MEDIUM
EPSS-0.12% / 31.19%
||
7 Day CHG~0.00%
Published-22 Jan, 2025 | 16:05
Updated-18 Dec, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Spectre-BSE

In certain circumstances, an issue in Arm Cortex-A57, Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history.

Action-Not Available
Vendor-Arm Limited
Product-cortex-a57_firmwarecortex-a75cortex-a57cortex-a73_firmwarecortex-a75_firmwarecortex-a73cortex-a72_firmwarecortex-a72Cortex-A57Cortex-A72Cortex-A73Cortex-A75
CWE ID-CWE-203
Observable Discrepancy
CWE ID-CWE-1423
Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
CVE-2018-9056
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.12% / 30.92%
||
7 Day CHG~0.00%
Published-27 Mar, 2018 | 17:00
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.

Action-Not Available
Vendor-n/aIntel CorporationArm Limited
Product-xeon_e3_12201xeon_e3_1225_v3xeon_e5_2450lxeon_e5_1620_v3xeon_e5_1428lxeon_e5_1620_v4xeon_e3_1240l_v5xeon_e3_1270xeon_e3_1220_v6xeon_e3_1230l_v3xeon_e3_1230_v2xeon_e3_1225_v5xeon_e5_1630_v3xeon_bronze_3106xeon_e5_1680_v3xeon_e5_2643_v2xeon_e3_1235xeon_e3_1281_v3xeon_e3_1220l_v3xeon_e3_1275xeon_e5_2450_v2xeon_e5_2408l_v3xeon_e5_1428l_v3xeon_phixeon_e3_1240_v2xeon_e5_2648lxeon_e3_1276_v3xeon_silverxeon_e5_2609_v4atom_zxeon_e3_1265l_v2xeon_e3_1278l_v4xeon_e5_1620_v2xeon_e3_1240xeon_e5_2630_v2xeon_e3_1246_v3xeon_e5_2637core_i7xeon_e-1105cxeon_e5_2448lxeon_e5_2630lxeon_e5_2643xeon_e3_1275l_v3core_m3xeon_e3_1105c_v2xeon_e5_2637_v2xeon_e3xeon_e3_1245_v5xeon_e5_2430_v2xeon_e5_2640_v4xeon_e5_2648l_v2xeon_e5_2608l_v3xeon_e3_1501l_v6xeon_e3_1230_v3xeon_e3_1226_v3xeon_e5_1650_v3xeon_e5_2430lxeon_e5_2428l_v3xeon_e3_1240_v5xeon_e5_2430l_v2xeon_e5_2637_v3xeon_e7xeon_e3_1280_v5xeon_e3_1245_v6xeon_e5_2420_v2xeon_e5_2648l_v3core_i3celeron_nxeon_e5_2428lxeon_e3_1505m_v5xeon_e5_1660_v4xeon_e5_2620_v4xeon_e5_2428l_v2core_i5xeon_e3_1235l_v5xeon_e5_1660_v3celeron_jxeon_e5_2407_v2xeon_e5_2650_v2xeon_e3_1245_v3xeon_e3_1505l_v5xeon_e3_1230xeon_e3_1225xeon_e3_1245xeon_e5_2630_v4pentium_jatom_x3core_m7xeon_e3_1241_v3xeon_e3_1275_v2xeon_e3_1275_v6xeon_e3_1285l_v3xeon_e5_1620xeon_e5_2620_v3xeon_e5_2630l_v3cortex-axeon_e5_2640_v2xeon_platinumxeon_e5_1680_v4xeon_e5_2628l_v3xeon_e5_2609_v2xeon_e5_2430xeon_e5_2643_v3xeon_e5_1428l_v2xeon_e3_1240l_v3xeon_e3_1285l_v4xeon_bronze_3104xeon_e3_1125cxeon_e3_1230_v6xeon_e5_1630_v4xeon_e5_2407xeon_e5_2643_v4xeon_e3_1220_v3xeon_e3_1280_v6xeon_e5_2620xeon_e3_1285_v6xeon_e5_2618l_v4xeon_e3_1275_v3xeon_e3_1505l_v6xeon_e5_2418lxeon_e3_1275_v5xeon_e3_1286_v3xeon_e3_1220xeon_e3_1268l_v5xeon_e3_1240_v6xeon_e3_1290xeon_e5_2620_v2xeon_e3_1270_v5xeon_e5_2448l_v2xeon_e5_1650_v4core_m5xeon_e5_2450l_v2xeon_e5_2630l_v4xeon_e5_2403_v2xeon_e5_2609_v3xeon_e3_1220_v5xeon_e3_1268l_v3xeon_e5_2603xeon_e3_1285_v3xeon_e5_2630_v3xeon_e5_2450xeon_e5_2623_v3xeon_e5_2650l_v3xeon_e3_1501m_v6core_mxeon_e5_2650l_v2xeon_e3_1231_v3xeon_e3_1265l_v4xeon_e3_1280_v2xeon_e5_1650xeon_e5_2470xeon_e5_2438l_v3xeon_goldxeon_e5_2603_v3xeon_e3_1286l_v3atom_catom_exeon_e5_2603_v2pentium_nxeon_e3_1290_v2xeon_e5_1660xeon_e5_2618l_v3xeon_e5_2603_v4xeon_e5_2618l_v2xeon_e3_1220_v2xeon_e3_1270_v6xeon_e3_1280_v3xeon_e3_1225_v2xeonxeon_e3_1271_v3xeon_e3_12201_v2xeon_e5_2623_v4xeon_e3_1270_v2xeon_e5xeon_e3_1280xeon_e5_2640_v3xeon_e5_2628l_v4xeon_e3_1230_v5xeon_e3_1270_v3xeon_e5_2440xeon_e5_2440_v2xeon_e5_2608l_v4xeon_e5_2650xeon_e3_1265l_v3xeon_e5_1650_v2xeon_e3_1258l_v4xeon_e5_2650_v4xeon_e5_2609xeon_e5_2418l_v3xeon_e3_1260l_v5xeon_e5_2650lxeon_e5_2628l_v2xeon_e5_2418l_v2xeon_e3_1225_v6xeon_e5_2470_v2xeon_e5_2640xeon_e3_1245_v2xeon_e5_2637_v4xeon_e3_1285_v4xeon_e5_2630l_v2xeon_e5_2650_v3xeon_e3_1240_v3xeon_e5_2648l_v4xeon_e5_1660_v2xeon_e5_2403xeon_e3_1260lxeon_e5_2630xeon_e5_2420xeon_e3_1125c_v2n/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5754
Matching Score-6
Assigner-Intel Corporation
ShareView Details
Matching Score-6
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-89.59% / 99.58%
||
7 Day CHG-0.09%
Published-04 Jan, 2018 | 13:00
Updated-28 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Action-Not Available
Vendor-Arm LimitedIntel Corporation
Product-xeon_e3_1280_v2core_mxeon_e3_1245_v3xeon_e3_1270_v3xeon_e3_12201_v2core_m3xeon_e-1105cxeon_e3_1290xeon_e5_2470_v2xeon_e5_2623_v4xeon_e3_1258l_v4xeon_e3_1260l_v5xeon_e5_2630l_v2xeon_e3_1245_v2xeon_e3_1240l_v5xeon_e5_2643_v3xeon_e5_2640_v3xeon_e3_1280xeon_e5_2470xeon_e5_2418l_v3xeon_e5_2603_v3xeon_e5_1650xeon_e5_2648l_v3xeon_e5_2609_v4xeon_e3_1505l_v6xeon_e5_1630_v3xeon_goldxeon_e3_1220_v3xeon_e3_1125c_v2xeon_e3_1230xeon_e3_1270_v2xeon_e3_1501l_v6xeon_e5_2620xeon_e5_2648l_v4xeon_e3_1275_v3xeon_e3_1220_v6xeon_e3_1281_v3xeon_e5_1650_v3xeon_e3_1220l_v3core_m7xeon_e3_1505m_v5celeron_nxeon_bronze_3104xeon_e3_1275l_v3xeon_e3_1501m_v6atom_epentium_nxeon_e5_2609xeon_phixeon_e5_2609_v2xeon_e3_1275_v2xeon_e5_2620_v2xeonxeon_e3_1265l_v3core_i3xeon_e3_1240xeon_e3_1240_v6xeon_e5_2430lxeon_e3_1245_v5xeon_e3_1278l_v4xeon_e3_1225xeon_e5_2418l_v2xeon_e3_1220_v5xeon_e5_1428l_v3xeon_e5_1680_v4xeon_silvercortex-axeon_e5_2637_v2xeon_e3_1230_v2xeon_e5_1660_v2xeon_e5_2643xeon_e3_1270_v5xeon_e5_2650xeon_e3_1240_v5xeon_e3_1230_v6xeon_e3_1286l_v3xeon_e3_1240_v2xeon_e3_1230_v5xeon_e5_2643_v2atom_cxeon_bronze_3106xeon_e3_1275_v5xeon_e3_1105c_v2xeon_e5_2450l_v2xeon_e5_2420xeon_e5_2609_v3xeon_e3_1285_v3xeon_e5_2448l_v2xeon_e5_2608l_v4xeon_e5_1620_v4xeon_e5_2630_v3xeon_e3_1230l_v3xeon_e3_1265l_v2xeon_e5_2630_v2xeon_e5_2407_v2xeon_e3_1276_v3xeon_e5_2603_v4xeon_e3_1275_v6xeon_e5_2408l_v3xeon_e5_2403xeon_e5_2637_v4xeon_e3_1275xeon_e5_2430_v2xeon_e5_2637celeron_jxeon_e5_1660xeon_e5_2418lpentium_jxeon_e3_1290_v2xeon_e5_2438l_v3xeon_e5_1428lxeon_e3_1285l_v4xeon_e5_2630xeon_e3_1285_v4xeon_e5_1680_v3xeon_e3_1268l_v5xeon_e5_1660_v4xeon_e3_1225_v3xeon_e5_2630l_v4xeon_e5_2650l_v2xeon_e3_1225_v5xeon_e5_1630_v4xeon_e5_2640xeon_e3_1268l_v3xeon_e3_1240_v3xeon_e5_2428lxeon_e5_1620_v2atom_x3xeon_e5_1650_v4xeon_e5_2403_v2xeon_e5_2648l_v2xeon_e3_1286_v3xeon_e3_1270xeon_e3_1125cxeon_e5_2608l_v3xeon_e3_1280_v5xeon_e5_2623_v3xeon_e5_2450xeon_e5_1660_v3xeon_e5_2450lxeon_e5_2603_v2atom_zxeon_e3_1280_v6xeon_e3_12201xeon_e5_2628l_v2xeon_e5_2650l_v3xeon_e5_2643_v4xeon_e3_1241_v3xeon_e3_1246_v3xeon_e3_1230_v3xeon_e3_1285l_v3xeon_e5_2430core_i7core_i5xeon_e5_2618l_v3xeon_e5_2620_v4core_m5xeon_e5_1650_v2xeon_e3_1226_v3xeon_e5_2620_v3xeon_e5_2630lxeon_e5_2648lxeon_e5_2637_v3xeon_e5_2650_v4xeon_e5_2448lxeon_e3_1225_v6xeon_e5xeon_e5_2650_v3xeon_e5_2430l_v2xeon_e3_1271_v3xeon_e5_1428l_v2xeon_e5_1620_v3xeon_e3_1260lxeon_e3_1235xeon_e5_2407xeon_e5_2440xeon_e5_2628l_v3xeon_platinumxeon_e5_2428l_v2xeon_e3_1235l_v5xeon_e5_2640_v4xeon_e5_2450_v2xeon_e3_1220xeon_e3_1505l_v5xeon_e3_1280_v3xeon_e3_1245xeon_e5_2618l_v4xeon_e5_2630l_v3xeon_e5_2640_v2xeon_e5_2628l_v4xeon_e3_1265l_v4xeon_e5_1620xeon_e5_2650_v2xeon_e7xeon_e3_1231_v3xeon_e5_2603xeon_e5_2650lxeon_e5_2630_v4xeon_e3_1225_v2xeon_e3_1285_v6xeon_e3_1240l_v3xeon_e5_2428l_v3xeon_e5_2618l_v2xeon_e5_2420_v2xeon_e3_1220_v2xeon_e5_2440_v2xeon_e3_1270_v6xeon_e3_1245_v6xeon_e3Most Modern Operating Systems
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-4272
Matching Score-6
Assigner-Arm Limited
ShareView Details
Matching Score-6
Assigner-Arm Limited
CVSS Score-5.5||MEDIUM
EPSS-0.26% / 49.96%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 15:18
Updated-04 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mali GPU Kernel Driver exposes sensitive data from freed memory

A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.

Action-Not Available
Vendor-Arm Limited
Product-bifrost_gpu_kernel_drivervalhall_gpu_kernel_drivermidgard_gpu_kernel_drivermali_gpu_kernel_driverArm 5th Gen GPU Architecture Kernel DriverBifrost GPU Kernel DriverValhall GPU Kernel DriverMidgard GPU Kernel Driver
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-1251
Mirrored Regions with Different Values
CVE-2024-56193
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.03% / 8.28%
||
7 Day CHG~0.00%
Published-27 May, 2025 | 15:41
Updated-04 Sep, 2025 | 05:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Android
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-52372
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.11% / 29.08%
||
7 Day CHG~0.00%
Published-21 Jul, 2025 | 00:00
Updated-08 Aug, 2025 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components.

Action-Not Available
Vendor-hmailservern/a
Product-hmailservern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Details not found