Imagination Technologies GPU DDK
Moderate fix1 remedy
cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*
Moderate fix1 remedy
- <= 24.2 RTM2
- <= 24.3 RTM
Imagination Technologies GPU Driver NULL Pointer Dereference Vulnerability
Vulnerability
Patched
A vulnerability exists in the Imagination Technologies GPU driver that allows software running as a non-privileged user to make improper GPU system calls. This can trigger NULL pointer dereference exceptions in the kernel, leading to potential system crashes or instability. The issue is present in DDK releases from 1.17 RTM up to and including 25.1 RTM1.
Impact
Exploitation of this vulnerability causes a NULL pointer dereference in the kernel, leading to a crash or instability in the system.
Reproduction
The vulnerability can be reproduced by running software as a non-privileged user that makes improper GPU system calls. This can be done by creating a program that interacts with the GPU driver and sends commands that cause the driver to dereference a NULL pointer.
Remediation
The DDK kernel module has been updated to address this vulnerability by correcting the improper use of GPU system calls that led to the NULL pointer dereference.
Added: Sep 22, 2025, 5:05 PM
Updated: Sep 22, 2025, 5:05 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
2.5exploitability
3.6remediation
7.7relevance
0.5threat
1.6urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.