Vulnerability Database

317,828

Total vulnerabilities in the database

CVE-2025-58410

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only.

This is caused by improper handling of the memory protections for the buffer resource.

Published: Nov 17, 2025
Updated: Nov 18, 2025
CVE: CVE-2025-58410
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-280

Affected Software
References

Software	From	Fixed in
imaginationtech / ddk	23.3-rtm	23.3-rtm.x
imaginationtech / ddk	24.1	24.1.x
imaginationtech / ddk	24.2	24.2.x
imaginationtech / ddk	24.2-rtm1	24.2-rtm1.x
imaginationtech / ddk	24.2-rtm2	24.2-rtm2.x
imaginationtech / ddk	24.3	24.3.x
imaginationtech / ddk	25.1	25.1.x
imaginationtech / ddk	25.2	25.2.x
imaginationtech / ddk	25.2-rtm	25.2-rtm.x

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo