← Volver a CVEs
CVE-2025-58409
LOW3.5
Descripcion
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.
Detalles CVE
Puntuacion CVSS v3.13.5
SeveridadLOW
Vector CVSSCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vector de ataquePHYSICAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado1/13/2026
Ultima modificacion1/30/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
imaginationtech:ddk
Debilidades (CWE)
CWE-119
Referencias
https://www.imaginationtech.com/gpu-driver-vulnerabilities/(367425dc-4d06-4041-9650-c2dc6aaa27ce)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.