Use-After-Free Vulnerability in GPU Drivers by Imagination Technologies
CVE-2025-25177

5.1MEDIUM

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 22 September 2025

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2025-25177?

A use-after-free vulnerability exists in GPU drivers developed by Imagination Technologies, where software running with non-privileged access can improperly execute GPU system calls. This can lead to kernel exceptions, potentially allowing a malicious user to exploit system resources and execute arbitrary code.

Affected Version(s)

Graphics DDK Linux 24.1 RTM <= 25.1 RTM2

Graphics DDK Linux 1.15 RTM

Graphics DDK Linux 25.2 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 22, 2025
Vulnerability Reserved
Feb 3, 2025

JSON