CVE-2025-8045 is a Use After Free (CWE-416) vulnerability identified in the Arm Ltd Valhall GPU Kernel Driver, specifically affecting versions from r53p0 through r54p1, which correspond to the Arm 5th Generation GPU architecture. This vulnerability arises when a local, non-privileged user process performs improper GPU processing operations that lead to accessing memory that has already been freed. Such a condition can result in the disclosure of sensitive information residing in the freed memory space. The flaw exists within the kernel driver managing GPU operations, which means exploitation requires local access to the system but does not require elevated privileges or user interaction. The vulnerability does not impact the integrity or availability of the system, focusing primarily on confidentiality leakage. The CVSS v3.1 base score is 4.0, reflecting a medium severity level due to the local attack vector and limited impact scope. No patches have been linked or released at the time of publication, and no known exploits have been reported in the wild. The vulnerability was reserved in July 2025 and published in December 2025. The affected GPU architecture is widely used in mobile and embedded devices, including smartphones, tablets, and IoT devices, which rely on Arm’s Valhall GPU kernel driver for graphics processing. The vulnerability could be exploited by malicious local users or malware to read sensitive data from GPU memory, potentially exposing cryptographic keys, personal data, or other confidential information processed by the GPU.

For European organizations, the primary impact of CVE-2025-8045 is the potential local disclosure of sensitive information processed or stored in GPU memory. This could affect confidentiality, particularly in environments where sensitive workloads or cryptographic operations utilize the GPU. Since exploitation requires local access without privilege escalation, the threat is more relevant in scenarios where untrusted users or malware can execute code locally, such as shared workstations, developer machines, or multi-user systems. The vulnerability does not affect system integrity or availability, so it is less likely to cause system crashes or data corruption. However, information leakage could facilitate further attacks or data breaches. European enterprises with mobile device fleets, embedded systems, or edge computing devices using Arm 5th Gen GPUs may be at risk. The lack of known exploits reduces immediate risk, but the medium severity score and potential for sensitive data exposure warrant proactive mitigation. Organizations in sectors handling sensitive personal data, intellectual property, or critical infrastructure should be particularly vigilant.

1. Monitor Arm Ltd’s official channels for patches addressing CVE-2025-8045 and apply them promptly once available. 2. Restrict local access to systems running affected Arm 5th Gen GPU drivers to trusted users only, minimizing the risk of local exploitation. 3. Employ endpoint security solutions that detect and prevent unauthorized local code execution or privilege escalation attempts. 4. Implement strict user account controls and limit the use of shared or guest accounts on devices with affected GPUs. 5. Conduct regular security audits and vulnerability scans focusing on GPU driver versions to identify and remediate vulnerable systems. 6. For organizations deploying embedded or IoT devices with Arm GPUs, ensure firmware and driver updates are part of the device lifecycle management. 7. Consider isolating sensitive workloads from untrusted users or processes to reduce the risk of information leakage via GPU memory. 8. Educate users about the risks of running untrusted code locally and enforce policies to prevent unauthorized software installation.