CVE-2025-58408 — Use After Free in Technologies Graphics DDK

CWE-416 — Use After Free2 documents2 sources

Severity

5.9MEDIUMNVD

EPSS

0.0%

top 93.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Imagination Technologies Graphics DDK Imaginationtech DDK

Timeline

PublishedDec 1

Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resource while in use.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.5 | Impact: 3.4

Affected Packages2 packages

▶NVDimaginationtech/ddk25.2

▶CVEListV5imagination_technologies/graphics_ddk23.2 RTM — 25.2 RTM2+3

🔴Vulnerability Details

GHSA

GHSA-3cjf-7xfg-396f: Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel excep↗2025-12-01

▶