GPU DDK – Reservation::psMappedPMR can change while used by a...

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario.

Improper resource management and reference counting on an internal resource caused scenario where potential write use after free was present.

AI Analysis

Use-after-free vulnerability in GPU DDK due to improper resource management and reference counting

Basic Information

ID CVE-2025-58411

Source imaginationtech

Published Jan 13, 2026 at 16:41

Modified Jan 14, 2026 at 14:41

Affected Product

Vendor Imagination Technologies

Product Graphics DDK

Version 1.15 RTM

Affected Versions Imagination Technologies Graphics DDK 1.15 RTM
Imagination Technologies Graphics DDK 1.17 RTM
Imagination Technologies Graphics DDK 1.18 RTM
Imagination Technologies Graphics DDK 23.2 RTM

CWE Classification

CWE-416

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Imagination Technologies

Product Graphics DDK

Version 1.15 RTM, 1.17 RTM, 1.18 RTM, 23.2 RTM

References

www.imaginationtech.com /gpu-driver-vulnerabilities/

{
    "lastseen": "",
    "description": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario.\n\nImproper resource management and reference counting on an internal resource caused scenario where potential write use after free was present.",
    "published": "2026-01-13T16:41:51.276Z",
    "modified": "2026-01-14T14:41:14.848Z",
    "type": "cve",
    "title": "GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF",
    "source": "imaginationtech",
    "references": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/",
    "id": "CVE-2025-58411",
    "bulletinFamily": "",
    "cwe": [
        "CWE-416"
    ],
    "cvelist": null,
    "sourceData": "Imagination Technologies Graphics DDK 1.15 RTM\nImagination Technologies Graphics DDK 1.17 RTM\nImagination Technologies Graphics DDK 1.18 RTM\nImagination Technologies Graphics DDK 23.2 RTM",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Graphics DDK",
    "version": "1.15 RTM",
    "vendor": "Imagination Technologies",
    "ai_description": "Use-after-free vulnerability in GPU DDK due to improper resource management and reference counting",
    "ai_severity": "High",
    "ai_vendor": "Imagination Technologies",
    "ai_product": "Graphics DDK",
    "ai_version": "1.15 RTM, 1.17 RTM, 1.18 RTM, 23.2 RTM",
    "ai_score": 8.8
}

GPU DDK – Reservation::psMappedPMR can change while used by a freelist -> UAF_CVE-2025-58411