Primary

Context

Imagination Technologies GPU Driver Use-After-Free Vulnerability in Resource Management

Vulnerability

Patched

A write use-after-free vulnerability has been identified in the Imagination Technologies GPU Driver Development Kit (DDK) Releases up to and including 25.2 RTM. This vulnerability arises from improper management of resource reference counting, allowing software run by non-privileged users to make erroneous GPU system calls. The mismanagement creates a scenario where resources can be prematurely freed, leading to potential exploitation.

Impact

Exploitation of this vulnerability can result in a write use-after-free condition, where memory that has been freed is reallocated and written to, potentially leading to memory corruption or arbitrary code execution.

Remediation

The DDK kernel module has been updated to correct the improper use of GPU system calls, ensuring that resources cannot be freed prematurely while references still exist.

Added: Jan 13, 2026, 5:30 PM

Updated: Jan 13, 2026, 5:30 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

2.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

2.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Imagination Technologies GPU Driver Use-After-Free Vulnerability in Resource Management

Vulnerability

Impact

Remediation

Affected Products

Imagination Technologies GPU DDK

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating