Exfiltration Vulnerability in Secure Workloads Affecting Imagination Technologies Products
CVE-2025-25176

9.1CRITICAL

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 13 January 2026

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2025-25176?

This vulnerability allows applications running in a non-secure environment to exfiltrate intermediate register values from secure workloads. This could potentially lead to sensitive information exposure, compromising the integrity and confidentiality of the secure environment. Users of affected Imagination Technologies products should take immediate action to mitigate risk and secure their systems.

Affected Version(s)

Graphics DDK Linux 1.15 RTM

Graphics DDK Linux 1.17 RTM

Graphics DDK Linux 1.18 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Feb 3, 2025

CVE-2025-25176 Data

JSON