Lucene search
K
ImaginationtechDdk

24 matches found

CVE
CVE
added 2024/01/16 5:1 p.m.113 views

CVE-2023-4969

CVE-2023-4969 describes a vulnerability where a GPU kernel can read sensitive data from another GPU kernel through the local memory region across various architectures. The issue is a confidentiality exposure (HIGH) with LOCAL access and LOW attack complexity; no user interaction is required. The...

6.5CVSS6.2AI score0.01175EPSS
CVE
CVE
added 2025/04/18 12:32 a.m.94 views

CVE-2025-0467

CVE-2025-0467 affects Imagination Technologies PowerVR-GPU kernel code used inside a guest VM. The vulnerability arises when memory shared with the GPU firmware can be abused by the guest to write data outside the virtualized GPU memory, potentially impacting data integrity and isolation between ...

8.2CVSS6.6AI score0.00147EPSS
CVE
CVE
added 2025/06/02 4:19 a.m.71 views

CVE-2025-25179

CVE-2025-25179 is a local vulnerability in the Imagination Technologies PowerVR-GPU driver. A non-privileged user may issue improper GPU system calls that subvert GPU hardware and write to arbitrary physical memory pages. Reported base metrics indicate local access, low privileges required, and h...

7.8CVSS6.5AI score0.00121EPSS
CVE
CVE
added 2025/06/16 11:13 a.m.46 views

CVE-2025-46710

CVE-2025-46710 is tied to Imagination Technologies’ PowerVR-GPU driver. The issue arises from reusing kernel heap data after it has been freed, which can lead to kernel exceptions. Affected component: Imagination GPU Driver (PowerVR-GPU). Impact described in sources: potential kernel-level instab...

5.7CVSS6.6AI score0.00178EPSS
CVE
CVE
added 2025/06/27 5:4 p.m.35 views

CVE-2025-46708

CVE-2025-46708 affects Imagination Technologies PowerVR-GPU driver. The issue arises when software inside a Guest VM makes improper GPU system calls, delaying or blocking the GPU for other guests and preventing them from processing workloads. The vulnerability is described as enabling guest VMs t...

4.3CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/06/27 4:53 p.m.34 views

CVE-2025-46707

CVE-2025-46707 concerns Imagination Technologies graphics stack (PowerVR-GPU) where software in a Guest VM can override the firmware state and gain access to the GPU. The base CVSS shows it is a local issue with low privileges and no user interaction, scoped to change in confidentiality/integrity...

5.2CVSS6.7AI score0.00124EPSS
CVE
CVE
added 2026/01/24 2:26 a.m.26 views

CVE-2025-13952

CVE-2025-13952 involves the GPU shader compiler library: loading a web page containing unusual GPU shader code can trigger a write-use-after-free crash in the GPU shader compiler, via a path that retains a freed memory pointer. Affected component is the GPU shader compiler library; specific produ...

9.8CVSS5.6AI score0.00416EPSS
CVE
CVE
added 2025/08/08 11:27 p.m.25 views

CVE-2025-46709

CVE-2025-46709 describes a vulnerability in Imagination Technologies (Graphics DDK) related to memory handling in kernel space: reading kernel heap data after it has been freed or dereferencing a NULL pointer, causing a potential memory leak and kernel exceptions. The public records consistently ...

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2026/05/01 3:56 p.m.21 views

CVE-2026-22165

CVE-2026-22165 involves a flaw in a GPU DDK where a web page serving unusual WebGPU content loaded into the GPU GLES render process can trigger a write UAF in the GPU GLES user-space shared library. The root cause is described as UAF reads of GLES3Context::psDrawParams and GLES3Context::psMode an...

8.1CVSS5.8AI score0.00346EPSS
CVE
CVE
added 2025/11/17 5:18 p.m.20 views

CVE-2025-58407

CVE-2025-58407 concerns Imagination Technologies GPU DDK/driver software used in a Guest VM. The vulnerability is a TOCTOU race in the GPU firmware interaction (psFWMemContext->uiPageCatBaseRegSet) that could allow reading and/or writing data outside the allotted memory, enabling escape from t...

7.4CVSS6.6AI score0.00172EPSS
CVE
CVE
added 2026/05/01 3:59 p.m.19 views

CVE-2026-22166

CVE-2026-22166 pertains to GPU DDK components where a web page sending anomalous WebGPU content into the GPU GLES render process can trigger a write UAF crash in the GPU GLES user-space shared library (KEGLGetPoolBuffers). The exposed root cause is a write-after-free condition in KEGLGetPoolBuffe...

8.1CVSS5.8AI score0.00346EPSS
CVE
CVE
added 2026/05/01 3:48 p.m.19 views

CVE-2026-22167

CVE-2026-22167 concerns a GPU DDK vulnerability where cache-resident PM buffers can be written by other GPU requestors. The issue allows software running as a non-privileged user to issue improper GPU system calls, forcing the GPU to write to arbitrary physical memory pages. Under certain conditi...

7.8CVSS5.9AI score0.00148EPSS
CVE
CVE
added 2025/11/17 4:57 p.m.18 views

CVE-2025-58410

CVE-2025-58410 concerns Imagination Technologies PowerVR-GPU drivers. The root cause is improper handling of memory protections for a buffer resource, enabling a non-privileged process to perform improper GPU system calls that could grant write access to buffers exported as read-only via dma_buf ...

7.5CVSS6.9AI score0.00241EPSS
CVE
CVE
added 2025/09/22 10:21 a.m.17 views

CVE-2025-46711

CVE-2025-46711 affects Imagination Technologies PowerVR-GPU via the GPU DDK. The issue arises from improper GPU system calls that can trigger a NULL pointer dereference in the kernel when used by software running with non-privileged permissions, leading to potential kernel crashes (DoS). CVSS ind...

5.5CVSS6.4AI score0.00116EPSS
CVE
CVE
added 2026/01/13 5:26 p.m.16 views

CVE-2025-10865

CVE-2025-10865 affects the Imagination Graphics DDK (GPU driver) where DevmemIntGetReservationData does not properly ref the PMR, leading to improper reference counting and a potential use-after-free vulnerability. The issue is described as arising when unprivileged users run GPU system calls, wi...

7.8CVSS6.5AI score0.0011EPSS
CVE
CVE
added 2026/03/09 12:23 p.m.14 views

CVE-2026-21736

CVE-2026-21736 is a GPU DDK vulnerability where a non-privileged user can perform improper GPU system calls to gain write access to read-only wrapped user-mode memory. The enrichment notes an insufficient permission check in PhysmemWrapExtMem() when write attribute support is enabled; the root ca...

4.4CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/03/20 10:52 p.m.13 views

CVE-2026-22163

The CVE-2026-22163 entry describes a local, high-severity GPU driver vulnerability in Imagination Graphics DDK where malware can misuse the DDK kernel module IOCTL interface to subvert the GPU and perform writes to arbitrary physical memory pages. The root cause is unsynchronized access to a shar...

7.8CVSS6AI score0.00078EPSS
CVE
CVE
added 2026/06/26 3:18 p.m.13 views

CVE-2026-45195

CVE-2026-45195 affects kernel software inside a Host VM that posts commands to GPU Firmware, enabling memory reads/writes outside the host kernel’s permitted range. Root cause: untrusted addresses passed to rgxfw_set_mips_fault_address in the GPU DDK may grant the firmware privileged memory acces...

7.8CVSS5.8AI score0.00106EPSS
CVE
CVE
added 2026/01/13 4:37 p.m.12 views

CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

3.5CVSS6.2AI score0.00132EPSS
CVE
CVE
added 2026/03/20 10:48 p.m.12 views

CVE-2026-21732

CVE-2026-21732 affects the GPU shader compiler path used by Imagination Graphics DDK in various disclosures. The issue is described as an out-of-bounds write crash triggered by unusual GPU shader code, specifically when a web page contains shader input that is loaded into the GPU compiler process...

9.6CVSS5.9AI score0.00288EPSS
CVE
CVE
added 2026/01/13 4:27 p.m.11 views

CVE-2025-25176

The CVE-2025-25176 entry pertains to Imagination Graphics DDK GPU driver vulnerabilities; described issue is exfiltration of intermediate register values from secure workloads into non-secure world when scheduled by applications in the non-secure environment. Affected component: GPU driver/SDK (I...

9.1CVSS6.5AI score0.00309EPSS
CVE
CVE
added 2025/12/01 11:16 a.m.11 views

CVE-2025-58408

CVE-2025-58408 affects Imagination GPU DDK components (PVRSRVBridgeRGXSubmitTransfer2) with a Use-After-Free due to improper error handling in GPU system calls. The flaw allows reads of stale data when a non-privileged user triggers GPU calls, risking kernel exceptions and potential resource dest...

5.9CVSS6.4AI score0.00113EPSS
CVE
CVE
added 2026/01/13 4:41 p.m.9 views

CVE-2025-58411

CVE-2025-58411 affects Imagination Graphics DDK (GPU driver) where a non-privileged user can trigger improper GPU system calls, leading to mismanagement of resource reference counts and a potential write use-after-free. Root cause: improper resource management and reference counting on an interna...

8.8CVSS6.5AI score0.00148EPSS
CVE
CVE
added 2026/06/26 3:14 p.m.8 views

CVE-2026-21734

The CVE-2026-21734 reports an out-of-bounds write in the GPU shader compiler library triggered by loading a web page containing unusual GPU shader code. The vulnerability affects the GPU shader compiler process and can lead to a segmentation fault or write-out-of-bounds in the shader compiler, wi...

7.7CVSS5.8AI score0.00118EPSS