Use-After-Free Vulnerability in GPU Drivers by Imagination Technologies
CVE-2025-1706

7.5HIGH

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 17 May 2025

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2025-1706?

A use-after-free vulnerability exists in GPU drivers developed by Imagination Technologies. When software operates with non-privileged user rights, it may improperly execute GPU system calls, leading to potential kernel exceptions. This flaw opens avenues for unauthorized access and exploitation, making it crucial for users to be aware of the risks associated with affected driver versions.

Affected Version(s)

Graphics DDK Linux 24.1 RTM <= 24.3 RTM

Graphics DDK Linux 1.15 RTM

Graphics DDK Linux 25.1 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 17, 2025
Vulnerability Reserved
Feb 26, 2025

JSON