Login Sign Up

CVE-2025-58411

8.8 HIGH

📋 TL;DR

This vulnerability allows non-privileged users to exploit improper GPU resource management through system calls, potentially leading to use-after-free conditions. It affects systems running Imagination Technologies GPU drivers where users can execute GPU operations. The vulnerability could enable local privilege escalation or system compromise.

💻 Affected Systems

Products:
  • Imagination Technologies GPU drivers
Versions: Specific versions not detailed in reference; check vendor advisory for exact affected versions
Operating Systems: Linux, Android, Other systems using Imagination GPU drivers
Default Config Vulnerable: ⚠️ Yes
Notes: Requires GPU driver access; systems with GPU acceleration enabled for non-privileged users are vulnerable.

📦 What is this software?

Ddk by Imaginationtech

View all CVEs affecting Ddk →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation to kernel-level access, enabling full system compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Local privilege escalation allowing attackers to gain elevated privileges on the affected system.

🟢

If Mitigated

Limited impact if proper access controls restrict GPU access to trusted users only.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to make GPU system calls; no public exploit code is mentioned.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Restart Required: Yes

Instructions:

1. Visit the vendor advisory URL. 2. Identify affected driver versions. 3. Download and install the latest patched GPU driver from Imagination Technologies. 4. Reboot the system to apply changes.

🔧 Temporary Workarounds

Restrict GPU Access

linux

Limit GPU system call access to privileged users only to prevent exploitation.

# Linux: Use cgroups or security modules to restrict GPU device access
# Example: chmod 600 /dev/gpu_device

🧯 If You Can't Patch

  • Implement strict access controls to prevent non-privileged users from executing GPU operations.
  • Monitor system logs for unusual GPU activity or privilege escalation attempts.

🔍 How to Verify

Check if Vulnerable:

Check GPU driver version against vendor advisory; if using affected Imagination GPU driver versions, system is vulnerable.

Check Version:

# Linux: Check GPU driver version via system logs or vendor tools
# Example: dmesg | grep -i gpu
# Or use vendor-specific commands from Imagination Technologies

Verify Fix Applied:

Verify GPU driver version has been updated to patched version specified in vendor advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unusual GPU system calls from non-privileged users
  • Kernel panic or crash logs related to GPU drivers
  • Failed privilege escalation attempts

Network Indicators:

  • Not applicable; this is a local vulnerability

SIEM Query:

source="kernel" AND ("GPU" OR "use-after-free") AND user!="root"

📊 Metadata

CVE ID: CVE-2025-58411
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE: CWE-416
EPSS Score: 0.02% exploit probability (3.4th percentile)
Published: January 13, 2026
Last Updated: January 30, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58411, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)