CVE-2025-25176
BaseFortify
Publication date: 2026-01-13
Last updated on: 2026-01-14
Assigner: imaginationtech
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| imagination_technologies | gpu_driver_development_kit | to 24.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-668 | The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows intermediate register values of secure workloads to be exfiltrated when those workloads are scheduled from applications running in the non-secure environment of a platform. Essentially, attackers running non-secure applications can access sensitive data from secure workloads by exploiting flaws in the GPU Driver Development Kit, which mishandles GPU system calls and memory isolation, leading to unauthorized access to secure register values. [1]
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive information from secure workloads, potentially compromising data confidentiality. It may also cause kernel crashes, GPU firmware instability, and arbitrary memory writes, which can disrupt system stability and security. Attackers with non-privileged access or running inside Guest VMs can exploit these flaws to bypass memory isolation, leading to information leaks and possible system compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves monitoring for improper GPU system calls and abnormal GPU firmware behavior, especially from non-privileged users or Guest VMs. Specific commands are not provided in the resources, but monitoring kernel logs for GPU-related errors, firmware crashes, or kernel exceptions may help identify exploitation attempts. Additionally, checking for unusual GPU driver activity or crashes could indicate attempts to exploit these vulnerabilities. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the Imagination Technologies GPU Driver Development Kit (DDK) firmware and kernel modules to the latest versions that include protections against out-of-bounds accesses, use-after-free conditions, improper GPU system calls, kernel information leaks, and kernel heap corruptions. These updates implement improved error handling, input validation, locking mechanisms, and restrictions on GPU system call usage to prevent exploitation. [1]