A critical vulnerability in Arm’s Mali GPU driver allows malicious Android applications to bypass Memory Tagging Extension (MTE) protections and achieve arbitrary kernel code execution. The vulnerability, designated CVE-2025-0072, affects devices equipped with newer Arm Mali GPUs, including Google’s Pixel 7, 8, and 9 series smartphones. The exploit manipulates the CSF queue binding and unbinding processes within the driver, creating a use-after-free condition that enables manipulation of GPU memory management structures. The vulnerability can compromise device security and demonstrates that modern hardware security extensions can be bypassed through sophisticated driver-level attacks.
Source: https://cybersecuritynews.com/arm-mali-gpu-vulnerability-let-bypass-mte/
TPRM report: https://scoringcyber.rankiteo.com/company/google
{
  "id": "goo828052725",
  "linkid": "google",
  "type": "Vulnerability",
  "date": "5/2025",
  "severity": "25",
  "impact": "1",
  "explanation": "Attack without any consequences"
}
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Google',
                        'type': 'Company'}],
 'attack_vector': 'Exploiting communication mechanism between Mali GPUs and '
                  'userland applications through command queues',
 'date_detected': '2024-12-12',
 'date_publicly_disclosed': '2025-05-02',
 'date_resolved': '2025-05-02',
 'description': 'A critical vulnerability (CVE-2025-0072) in Arm’s Mali GPU '
                'driver allows malicious Android applications to bypass Memory '
                'Tagging Extension (MTE) protections and achieve arbitrary '
                'kernel code execution.',
 'impact': {'systems_affected': ['Google’s Pixel 7, 8, and 9 series '
                                 'smartphones']},
 'references': [{'source': 'GitHub'}],
 'response': {'remediation_measures': ['Arm addressed the vulnerability in '
                                       'Mali driver version r54p0']},
 'title': 'Critical Vulnerability in Arm’s Mali GPU Driver',
 'type': 'Vulnerability',
 'vulnerability_exploited': 'CVE-2025-0072'}