Imaginationtech

Ddk

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-13952

  • EPSS 0.02%
  • Veröffentlicht 24.01.2026 02:26:49
  • Zuletzt bearbeitet 28.01.2026 18:33:18

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges...

7.8

CVE-2025-10865

  • EPSS 0.02%
  • Veröffentlicht 13.01.2026 17:26:45
  • Zuletzt bearbeitet 30.01.2026 18:39:09

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where pot...

8.8

CVE-2025-58411

  • EPSS 0.02%
  • Veröffentlicht 13.01.2026 16:41:51
  • Zuletzt bearbeitet 30.01.2026 18:38:40

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an ...

3.5

CVE-2025-58409

  • EPSS 0.02%
  • Veröffentlicht 13.01.2026 16:37:46
  • Zuletzt bearbeitet 30.01.2026 18:39:02

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by th...

9.1

CVE-2025-25176

  • EPSS 0.04%
  • Veröffentlicht 13.01.2026 16:27:40
  • Zuletzt bearbeitet 30.01.2026 18:37:54

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in the non-secure environment of a platform.

5.9

CVE-2025-58408

  • EPSS 0.02%
  • Veröffentlicht 01.12.2025 11:16:24
  • Zuletzt bearbeitet 29.12.2025 15:04:34

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the st...

7.4

CVE-2025-58407

  • EPSS 0.04%
  • Veröffentlicht 17.11.2025 17:18:18
  • Zuletzt bearbeitet 08.01.2026 17:13:38

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine.

7.5

CVE-2025-58410

  • EPSS 0.05%
  • Veröffentlicht 17.11.2025 16:57:05
  • Zuletzt bearbeitet 12.01.2026 15:14:01

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource.

5.5

CVE-2025-46711

  • EPSS 0.03%
  • Veröffentlicht 22.09.2025 10:21:29
  • Zuletzt bearbeitet 17.10.2025 14:04:48

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions.

7.5

CVE-2025-46709

  • EPSS 0.06%
  • Veröffentlicht 08.08.2025 23:27:05
  • Zuletzt bearbeitet 17.10.2025 18:12:46

Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception.