CVE-2025-0073 is a high-severity Use After Free (UAF) vulnerability identified in the Arm Ltd Valhall GPU Kernel Driver, specifically affecting the Arm 5th Generation GPU Architecture Kernel Driver versions from r53p0 up to but not including r54p0. This vulnerability arises due to improper handling of GPU memory operations by a local, non-privileged user process, which can access memory that has already been freed. The flaw is categorized under CWE-416, indicating that the kernel driver fails to properly manage the lifecycle of allocated memory, leading to potential use of dangling pointers. Exploiting this vulnerability could allow an attacker with local access to execute arbitrary code with elevated privileges, compromise system integrity, and cause denial of service by corrupting kernel memory. The CVSS v3.1 base score of 7.8 reflects the significant impact on confidentiality, integrity, and availability, with low attack complexity and requiring only limited privileges but no user interaction. Although no known exploits are currently reported in the wild, the vulnerability's nature and the critical role of GPU drivers in modern computing environments make it a serious concern. The lack of available patches at the time of publication underscores the urgency for affected organizations to monitor for updates and implement interim mitigations. This vulnerability is particularly relevant for systems using Arm's Valhall GPU architecture, commonly found in embedded devices, mobile platforms, and increasingly in edge computing and server environments leveraging Arm-based processors.

For European organizations, the impact of CVE-2025-0073 can be substantial, especially those relying on Arm-based hardware with Valhall GPU architecture in their infrastructure. The vulnerability allows local attackers to escalate privileges and potentially execute arbitrary code within the kernel context, threatening the confidentiality and integrity of sensitive data and critical applications. This can lead to unauthorized data access, system compromise, and service disruptions. Industries such as telecommunications, automotive, industrial control systems, and IoT deployments, which increasingly adopt Arm-based solutions, may face heightened risks. Additionally, sectors handling sensitive personal data under GDPR regulations could suffer compliance violations if breaches occur due to exploitation. The vulnerability's exploitation could also facilitate lateral movement within networks, undermining overall organizational security posture. Given the growing adoption of Arm architectures in European data centers and edge computing, the threat extends beyond consumer devices to enterprise and critical infrastructure environments.

To mitigate CVE-2025-0073 effectively, European organizations should: 1) Immediately inventory and identify all systems utilizing the affected Valhall GPU Kernel Driver versions (r53p0 to before r54p0). 2) Monitor Arm Ltd's official channels for the release of security patches or updated driver versions and prioritize timely deployment once available. 3) Implement strict access controls to limit local user privileges, reducing the risk of exploitation by non-privileged users. 4) Employ kernel-level exploit mitigation techniques such as Kernel Address Space Layout Randomization (KASLR) and Kernel Page-Table Isolation (KPTI) where supported to increase exploitation difficulty. 5) Use application whitelisting and endpoint detection and response (EDR) solutions to detect anomalous behavior indicative of exploitation attempts. 6) For environments where patching is delayed, consider isolating vulnerable systems or restricting access to trusted users only. 7) Conduct regular security audits and penetration testing focusing on GPU driver vulnerabilities and privilege escalation paths. 8) Educate system administrators and security teams about the specific risks associated with GPU driver vulnerabilities to enhance incident response readiness.