Volerion logoVolerion
Volerion logoVolerion

Imagination Technologies GPU Driver Arbitrary Memory Write Vulnerability

Vulnerability

A vulnerability exists in the Imagination Technologies GPU driver that allows software running as a non-privileged user to make improper system calls to the GPU. This can lead to the GPU writing to arbitrary physical memory pages, potentially corrupting data in memory pages used by the kernel and other drivers. The vulnerability is present in DDK releases up to and including 24.3.

Impact

Exploitation of this vulnerability allows for unauthorized writes to physical memory, which can corrupt kernel data and disrupt the normal operation of the system.

Reproduction

The vulnerability can be reproduced by running software as a non-privileged user on a system with an affected version of the Imagination Technologies GPU driver. The software can then make improper GPU system calls that trigger the vulnerability, causing the GPU to write to arbitrary physical memory pages.

Remediation

Users can update to a version of the Imagination Technologies GPU driver that has been patched to prevent this vulnerability. Instructions for updating the driver can be found on the Imagination Technologies website.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
2.5
exploitability
3.6
remediation
7.7
relevance
0.0
threat
1.6
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.