Filtered by vendor Arm
Subscriptions
Total
175 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54764 | 3 Arm, Mbed, Mbed-tls | 3 Mbed Tls, Mbed, Mbedtls | 2025-10-31 | 6.2 Medium |
| Mbed TLS before 3.6.5 allows a local timing attack against certain RSA operations, and direct calls to mbedtls_mpi_mod_inv or mbedtls_mpi_gcd. | ||||
| CVE-2025-27810 | 1 Arm | 1 Mbed Tls | 2025-10-30 | 5.4 Medium |
| Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays. | ||||
| CVE-2024-4610 | 1 Arm | 2 Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-10-23 | 7.4 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r34p0 through r40p0; Valhall GPU Kernel Driver: from r34p0 through r40p0. | ||||
| CVE-2023-4211 | 1 Arm | 4 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Midgard Gpu Kernel Driver and 1 more | 2025-10-23 | 5.5 Medium |
| A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | ||||
| CVE-2025-59438 | 3 Arm, Mbed, Mbed-tls | 3 Mbed Tls, Mbed, Mbedtls | 2025-10-23 | 5.3 Medium |
| Mbed TLS through 3.6.4 has an Observable Timing Discrepancy. | ||||
| CVE-2024-48984 | 2 Arm, Mbed | 2 Mbed Os, Mbed | 2025-09-24 | 9.8 Critical |
| An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc. In doing this, it tracks the largest report so it can later allocate a buffer that fits every individual report (but only one at a time). It does not, however, validate that these addresses are all contained within the buffer passed to hciEvtProcessLeExtAdvReport. It is then possible, though unlikely, that the buffer designated to hold the reports is allocated in such a way that one of these out-of-bounds length fields is contained within the new buffer. When the (n-1)th report is copied, it overwrites the length field of the nth report. This now corrupted length field is then used for a memcpy into the new buffer, which may lead to a buffer overflow. | ||||
| CVE-2024-22905 | 1 Arm | 2 Mbed-os, Mbed Os | 2025-09-15 | 7.0 High |
| Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function. | ||||
| CVE-2025-49459 | 3 Arm, Microsoft, Zoom | 5 Arm, Windows, Workplace and 2 more | 2025-09-12 | 7.8 High |
| Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-3212 | 1 Arm | 3 Arm 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-09-09 | 5.3 Medium |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p4, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p4, from r50p0 through r54p0. | ||||
| CVE-2025-49087 | 2 Arm, Mbed | 2 Mbed Tls, Mbedtls | 2025-08-07 | 4 Medium |
| In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used. | ||||
| CVE-2025-0932 | 1 Arm | 3 5th Gen Gpu Architecture Userspace Driver, Bifrost Gpu Userspace Driver, Valhall Gpu Userspace Driver | 2025-08-06 | 4.3 Medium |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0. | ||||
| CVE-2024-10929 | 1 Arm | 3 Cortex-a72, Cortex-a73, Cortex-a75 | 2025-07-22 | 5.1 Medium |
| In certain circumstances, an issue in Arm Cortex-A57, Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history. | ||||
| CVE-2025-49601 | 2 Arm, Mbed | 2 Mbed Tls, Mbedtls | 2025-07-17 | 4.8 Medium |
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input. | ||||
| CVE-2025-49600 | 2 Arm, Mbed | 2 Mbed Tls, Mbedtls | 2025-07-17 | 4.9 Medium |
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an attacker (who can induce a hardware hash accelerator fault) to bypass LMS signature verification by reusing stale stack data, resulting in acceptance of an invalid signature. In mbedtls_lms_verify, the return values of the internal Merkle tree functions create_merkle_leaf_value and create_merkle_internal_value are not checked. These functions return an integer that indicates whether the call succeeded or not. If a failure occurs, the output buffer (Tc_candidate_root_node) may remain uninitialized, and the result of the signature verification is unpredictable. When the software implementation of SHA-256 is used, these functions will not fail. However, with hardware-accelerated hashing, an attacker could use fault injection against the accelerator to bypass verification. | ||||
| CVE-2025-27809 | 1 Arm | 1 Mbed Tls | 2025-07-17 | 5.4 Medium |
| Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname. | ||||
| CVE-2024-11863 | 1 Arm | 1 Scp-firmware | 2025-07-12 | 5.3 Medium |
| Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP | ||||
| CVE-2024-11864 | 1 Arm | 1 Scp-firmware | 2025-07-12 | 7.5 High |
| Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP | ||||
| CVE-2025-1246 | 1 Arm | 3 5th Gen Gpu Architecture Userspace Driver, Bifrost Gpu Userspace Driver, Valhall Gpu Userspace Driver | 2025-07-02 | 7.8 High |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to access outside of buffer bounds.This issue affects Bifrost GPU Userspace Driver: from r18p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r28p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r49p3, from r50p0 through r54p0. | ||||
| CVE-2025-0819 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-07-02 | 7.8 High |
| Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform valid GPU memory processing operations to gain access to already freed memory.This issue affects Bifrost GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r51p0; Valhall GPU Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r49p3, from r50p0 through r54p0. | ||||
| CVE-2025-0073 | 1 Arm | 2 5th Gen Gpu Architecture Kernel Driver, Valhall Gpu Kernel Driver | 2025-07-02 | 7.8 High |
| Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r53p0 before r54p0; Arm 5th Gen GPU Architecture Kernel Driver: from r53p0 before r54p0. | ||||