Kernel Software Information Leakage in Untrusted Execution Environments by Imagination Technologies
CVE-2025-6573

9.8CRITICAL

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 9 August 2025

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2025-6573?

A vulnerability has been identified in kernel software from Imagination Technologies that allows for information leakage from a trusted execution environment when running in an untrusted execution environment. This could potentially expose sensitive data, highlighting the need for enhanced security measures in execution environments. Proper safeguarding against such vulnerabilities is crucial for maintaining the integrity and confidentiality of data processed within these environments.

Affected Version(s)

Graphics DDK Linux 1.15 RTM

Graphics DDK Linux 1.17 RTM

Graphics DDK Linux 1.18 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 9, 2025

JSON