GPU System Call Vulnerability in Imagination Technologies Graphics Driver
CVE-2024-12576

5.5MEDIUM

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 7 March 2025

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2024-12576?

A vulnerability exists in the Imagination Technologies graphics driver where software running as a non-privileged user can improperly invoke GPU system calls. This improper handling may lead to a crash of the firmware controlling the GPU, resulting in the freezing of graphics output and impairing system functionality.

Affected Version(s)

Graphics DDK Linux 1.15 RTM <= 24.3 RTM

Graphics DDK Linux 25.1 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2025
Vulnerability Reserved
Dec 12, 2024

JSON