Skip to main content

Ddk CVE-2025-25179

| EUVDEUVD-2025-16613 HIGH
Improper Handling of Insufficient Permissions or Privileges (CWE-280)
2025-06-02 367425dc-4d06-4041-9650-c2dc6aaa27ce
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 16:47 euvd
EUVD-2025-16613
Analysis Generated
Mar 14, 2026 - 16:47 vuln.today
CVE Published
Jun 02, 2025 - 05:15 nvd
HIGH 7.8

DescriptionCVE.org

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages.

AnalysisAI

GPU privilege escalation vulnerability allowing non-privileged users to conduct improper GPU system calls that bypass GPU hardware protections and write to arbitrary physical memory pages, achieving complete system compromise. The vulnerability affects GPU driver implementations across multiple vendors and has a CVSS score of 7.8 (High) with local attack vector requiring low privileges but no user interaction. Without KEV confirmation, EPSS score, or confirmed public POC in the provided data, the real-world exploitation risk remains moderate but should be treated as significant due to the nature of GPU memory access primitives in modern systems.

Technical ContextAI

This vulnerability exploits insufficient input validation in GPU device drivers' system call handling interfaces. GPUs maintain separate memory address spaces and access control mechanisms; improper validation of GPU system calls (likely IOCTL operations or GPU command submission APIs) allows a non-privileged process to craft malicious GPU commands that circumvent GPU memory management unit (IOMMU/GPU MMU) protections. The root cause maps to CWE-280 (Improper Handling of Insufficient Permissions or Privileges), indicating that the GPU driver fails to properly validate caller permissions before allowing direct or semi-direct physical memory writes. This is characteristic of vulnerabilities in NVIDIA CUDA drivers, AMD ROCm drivers, Intel GPU drivers, or other GPU compute frameworks where user-mode GPU libraries interact with kernel drivers without sufficient access control checks on DMA operations and memory mapping capabilities.

RemediationAI

(1) Immediate: Update GPU drivers to patched versions—check vendor advisories for NVIDIA, AMD, Intel, and kernel maintainers for specific version numbers. (2) Kernel-Level: For Linux systems, ensure GPU drivers are updated alongside kernel patches; for NVIDIA: nvidia-driver ≥ [version TBD from NVIDIA advisory], AMD: amdgpu-core ≥ [version TBD]. (3) Temporary Mitigations (if patches unavailable): (a) Restrict GPU access via cgroup v2 or container policies; (b) Disable user-mode GPU compute access if not required; (c) Run GPU workloads in isolated containers with minimal privilege; (d) Monitor GPU IOMMU faults for exploitation attempts. (4) Validation: After patching, verify GPU system call filtering is enforced by checking driver logs and running GPU memory access tests. (5) Reference vendor advisories (NVIDIA Security Advisories, AMD Product Security Page, Linux GPU Driver Maintainers) for precise patch versions and validation steps.

More in Ddk

View all
CVE-2025-13952 CRITICAL
9.8 Jan 24

Write-after-free crash in GPU compiler process triggered by unusual GPU shader code loaded from the web. Browser vulnera

CVE-2025-25176 CRITICAL
9.1 Jan 13

A hardware vulnerability allows exfiltration of intermediate register values from secure workloads running in ARM TrustZ

CVE-2025-58411 HIGH
8.8 Jan 13

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reso

CVE-2025-0467 HIGH
8.2 Apr 18

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data ou

CVE-2026-22166 HIGH
8.1 May 01

Use-after-free in Imagination Graphics DDK GPU GLES user-space library allows authenticated remote attackers to crash th

CVE-2026-22165 HIGH
8.1 May 01

Remote authenticated attackers can execute code or cause persistent denial-of-service in Imagination Technologies Graphi

CVE-2025-10865 HIGH
7.8 Jan 13

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of refe

CVE-2026-22167 HIGH
7.8 May 01

Local privilege escalation in Imagination Technologies Graphics DDK allows low-privileged users to corrupt kernel memory

CVE-2025-58408 MEDIUM
5.9 Dec 01

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data

CVE-2025-46710 MEDIUM
5.7 Jun 16

Possible kernel exceptions caused by reading and writing kernel heap data after free.

CVE-2025-46707 MEDIUM
5.2 Jun 27

Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU.

CVE-2026-21736 MEDIUM
4.4 Mar 09

Improper GPU system call handling in the DDK allows non-privileged users to bypass memory protections on user-mode wrapp

Share

CVE-2025-25179 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy