CVE-2025-58411 - Vulnerability Details - OpenCVE

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potential write use after free was present.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://www.imaginationtech.com/gpu-driver-vulnerabilities/

History

Tue, 13 Jan 2026 17:00:00 +0000

Type	Values Removed	Values Added
Description		Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potential write use after free was present.
Title		GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF
Weaknesses		CWE-416
References		https://www.imaginationtech.com/gpu-driver-vulnerabilities/

MITRE

Status: PUBLISHED

Assigner: imaginationtech

Published: 2026-01-13T16:41:51.276Z

Updated: 2026-01-13T17:27:45.786Z

Reserved: 2025-09-01T08:00:07.349Z

Link: CVE-2025-58411

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-13T17:15:57.813

Modified: 2026-01-13T17:15:57.813

Link: CVE-2025-58411

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-58411", "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "state": "PUBLISHED", "assignerShortName": "imaginationtech", "dateReserved": "2025-09-01T08:00:07.349Z", "datePublished": "2026-01-13T16:41:51.276Z", "dateUpdated": "2026-01-13T17:27:45.786Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "platforms": ["Linux", "Android"], "product": "Graphics DDK", "vendor": "Imagination Technologies", "versions": [{"status": "affected", "version": "1.15 RTM", "versionType": "custom"}, {"status": "affected", "version": "1.17 RTM", "versionType": "custom"}, {"status": "affected", "version": "1.18 RTM", "versionType": "custom"}, {"lessThanOrEqual": "25.2 RTM", "status": "affected", "version": "23.2 RTM", "versionType": "custom"}, {"status": "unaffected", "version": "25.3 RTM", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario.</p><p>Improper resource management and reference counting on an internal resource caused scenario where potential write use after free was present.</p>\n\n<br>"}], "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario.\n\nImproper resource management and reference counting on an internal resource caused scenario where potential write use after free was present."}], "impacts": [{"capecId": "CAPEC-124", "descriptions": [{"lang": "en", "value": "CAPEC-124: Shared Resource Manipulation"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416: Use After Free", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech", "dateUpdated": "2026-01-13T17:27:45.786Z"}, "references": [{"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"}], "source": {"discovery": "UNKNOWN"}, "title": "GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}