GPU Driver Vulnerability in Imagination Technologies Products
CVE-2025-58409

3.5LOW

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 13 January 2026

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2025-58409?

A vulnerability exists in the GPU drivers from Imagination Technologies that allows software running as a non-privileged user to execute improper GPU system calls. This can lead to the manipulation of GPU hardware in a way that writes to arbitrary physical memory pages, potentially corrupting data pages that are not managed by the GPU driver. The exploit can enable unintended write operations on internal GPU buffers, which may alter the behavior of kernel and other drivers, resulting in further complications in system memory integrity and security.

Affected Version(s)

Graphics DDK Linux 1.15 RTM

Graphics DDK Linux 1.17 RTM

Graphics DDK Linux 1.18 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Sep 1, 2025

CVE-2025-58409 Data

JSON