
Preface:
A Use-After-Free (UAF) vulnerability occurs when a program continues to access memory after it has been freed. This can lead to unpredictable behavior, crashes, or even allow an attacker to execute arbitrary code. For example, if a program frees a block of memory but later tries to read or write to that memory, it can cause serious issues.
An Out-of-Bounds vulnerability happens when a program reads or writes data outside the boundaries of allocated memory. This can corrupt data, crash the program, or be exploited by attackers to execute arbitrary code. For instance, if an array holds 10 elements and the program tries to access the 11th element, the result is an out-of-bounds access.
Background:
GLES stands for OpenGL for Embedded Systems. It’s a subset of the OpenGL API designed for embedded devices like smartphones, tablets, and other portable devices. GLES is widely used in mobile games and applications because it provides a balance between performance and power consumption.
VK refers to Vulkan, a newer graphics API that provides high-efficiency, cross-platform access to modern GPUs. Vulkan offers more control over the GPU and lower overhead compared to OpenGL, making it suitable for high-performance applications like AAA games and real-time simulations.
Vulnerability details: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to make valid GPU processing operations, including via WebGL or WebGPU, to access a limited amount outside of buffer bounds. This issue affects Bifrost GPU Userspace Driver: from r0p0 through r49p2, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r19p0 through r49p2, from r50p0 through r53p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p2, from r50p0 through r53p0.
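The CWE quoted above is about a driver failing to keep caller-chosen operations inside a buffer. The following added example (constructed for this page, not Arm's driver code; the struct and function names are hypothetical) contrasts the classic wrap-around bounds check with a hardened one that validates a user-supplied offset/length pair before any memory is touched.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical region descriptor: the kind of offset/length pair a userspace
 * driver receives from an unprivileged caller and must validate before use. */
struct region {
    uint64_t offset;
    uint64_t length;
};

/* Vulnerable form: offset + length can wrap around to a small value, so a
 * huge offset passes the check and the later access lands out of bounds. */
bool region_ok_unsafe(const struct region *r, uint64_t buf_size) {
    return r->offset + r->length <= buf_size;   /* wraps on overflow */
}

/* Hardened form: never add untrusted values; subtract from the trusted
 * size instead, after confirming the subtraction cannot underflow. */
bool region_ok(const struct region *r, uint64_t buf_size) {
    if (r->offset > buf_size)
        return false;
    return r->length <= buf_size - r->offset;
}

/* Copy a caller-chosen region out of buf only if it is fully in bounds and
 * fits the destination. Returns bytes copied, or 0 when the request is rejected. */
size_t read_region(const uint8_t *buf, uint64_t buf_size,
                   const struct region *r, uint8_t *out, size_t out_size) {
    if (!region_ok(r, buf_size) || r->length > out_size)
        return 0;
    memcpy(out, buf + r->offset, (size_t)r->length);
    return (size_t)r->length;
}
```

The unsafe check accepts a region whose offset is near UINT64_MAX because the sum wraps; the hardened check rejects it and also rejects the "11th element of a 10-element buffer" case from the preface.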
Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2025-0050
Another, coincidentally similar design flaw could have caused this vulnerability: a use-after-free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.