GPU DDK – DevmemIntGetReservationData does not ref the PMR it...

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free.

Improper reference counting on an internal resource caused scenario where potential for use after free was present.

Basic Information

ID CVE-2025-10865

Source imaginationtech

Published Jan 13, 2026 at 17:26

Modified Jan 14, 2026 at 14:36

Affected Product

Vendor Imagination Technologies

Product Graphics DDK

Version 1.15 RTM

Affected Versions Imagination Technologies Graphics DDK 1.15 RTM
Imagination Technologies Graphics DDK 1.17 RTM
Imagination Technologies Graphics DDK 1.18 RTM
Imagination Technologies Graphics DDK 23.2 RTM

CWE Classification

CWE-416

References

www.imaginationtech.com /gpu-driver-vulnerabilities/

{
    "lastseen": "",
    "description": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free.\n\nImproper reference counting on an internal resource caused scenario where potential for use after free was present.",
    "published": "2026-01-13T17:26:45.523Z",
    "modified": "2026-01-14T14:36:47.473Z",
    "type": "cve",
    "title": "GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns",
    "source": "imaginationtech",
    "references": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/",
    "id": "CVE-2025-10865",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "Imagination Technologies Graphics DDK 1.15 RTM\nImagination Technologies Graphics DDK 1.17 RTM\nImagination Technologies Graphics DDK 1.18 RTM\nImagination Technologies Graphics DDK 23.2 RTM",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Graphics DDK",
    "version": "1.15 RTM",
    "vendor": "Imagination Technologies",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

GPU DDK – DevmemIntGetReservationData does not ref the PMR it returns_CVE-2025-10865