Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

Graphics DDK — Vulnerabilities & Security Advisories 75

All 75 CVE vulnerabilities found in Graphics DDK, with AI-generated Chinese analysis, references, and POCs.

This page aggregates Common Weakness Enumeration (CWE) vulnerabilities associated with the Graphics DDK product from its respective vendor. It collects a comprehensive range of security flaws, including buffer overflows, memory corruption issues, privilege escalation vulnerabilities, and improper input validation errors. The data covers vulnerability disclosures and advisories published from 2018 through the present date, ensuring a broad historical perspective on security trends for this specific development kit. By browsing this aggregation, you can track a vendor's advisory history to understand their patching cadence and response times. You can also explore the details of a specific weakness class to identify recurring patterns and root causes within the Graphics DDK ecosystem. Additionally, this resource allows you to look up a product's vulnerability history to assess long-term stability and security posture. The information is organized to facilitate efficient searching and comparison, helping security professionals and developers identify potential risks before they impact production environments. Understanding these aggregated weaknesses provides critical context for risk assessment and helps in prioritizing remediation efforts. This page serves as a centralized reference point for analyzing the security landscape of the Graphics DDK, enabling stakeholders to make informed decisions based on historical data and current threat intelligence without needing to sift through fragmented sources.

Vendor: Imagination Technologies

CVE IDTitleCVSSSeverityPublished
CVE-2025-58410 GPU DDK - Multiple calls into PhysmemGEMPrimeExport can inherit write access permission for an existing read-only dma_buf import PMR CWE-280 7.8AIHighAI2025-11-17
CVE-2025-46711 GPU DDK - NULL Pointer dereference occurs in LockHandle on bridge entry when connection misused CWE-476 5.5AIMediumAI2025-09-22
CVE-2025-25177 GPU DDK - Roll-back of pvr_exp_fence not in finalised state can cause UAF CWE-416 7.8AIHighAI2025-09-22
CVE-2025-46709 GPU DDK - Security fix for PP-171570 can lead to an uninitialised pointer dereference and memory leak CWE-416 7.1 -2025-08-08
CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite CWE-280 5.5 -2025-08-08
CVE-2025-8109 GPU DDK - GPU shader shared memory corrupted using ptrace to disrupt GPU operation CWE-280 7.1AIHighAI2025-08-04
CVE-2025-25180 GPU DDK - Insufficient validation in RGXCREATEFREELIST creates corrupt freelist CWE-823 5.5AIMediumAI2025-07-14
CVE-2025-46708 GPU DDK - Guest VM can delay the FW and GPU from processing workloads from other VMs CWE-280 5.5AIMediumAI2025-06-27
CVE-2025-46707 GPU DDK - Guest VM can override its own FW VZ connection state after the FW has close it CWE-668 7.8AIHighAI2025-06-27
CVE-2025-46710 Imagination GPU Driver 安全漏洞 CWE-416 7.8AIHighAI2025-06-16
CVE-2025-25179 GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory CWE-280 7.8AIHighAI2025-06-02
CVE-2024-47893 GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups) CWE-823 8.4AIHighAI2025-05-17
CVE-2025-1706 GPU DDK - Improper locking when accessing the pvr_exp_fence object CWE-416 7.8AIHighAI2025-05-17
CVE-2025-0467 GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write CWE-823 7.8 -2025-04-18
CVE-2025-25178 GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory CWE-1284 7.8AIHighAI2025-04-04
CVE-2025-0468 GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA) CWE-280 5.5AIMediumAI2025-04-04
CVE-2025-0835 GPU DDK - _WrapExtMemReleasePages called twice if _FlushUMVirtualRange fails CWE-416 7.8AIHighAI2025-03-24
CVE-2025-0478 GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object CWE-280 5.5AIMediumAI2025-03-24
CVE-2024-12837 GPU DDK - Exploitable kernel double free on apsFenceSyncCheckpoints allocated with arbitrary size CWE-416 7.8 -2025-03-07
CVE-2024-12576 GPU DDK - Untrusted app can crash firmware by forcing MCU access to non-aligned address CWE-822 5.5 -2025-03-07
CVE-2024-12577 GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet CWE-823 7.8 -2025-02-22
CVE-2024-52939 GPU DDK - RGXFWIF_HWPERF_CTL_BLK.uiNumCounters OOB write CWE-823 7.8 -2025-02-22
CVE-2024-47896 GPU DDK - rgxfw_hwr_log_info OOB write via psHWRInfoBuf->ui32WriteIndex CWE-823 7.8 -2025-02-22
CVE-2024-46975 GPU DDK - rgxfw_write_robustness_buffer allows arbitrary catreg set mapping CWE-270 7.8 -2025-02-22
CVE-2024-47900 GPU DDK - Multiple integer overflow in DmaTransfer PMR_DevPhysAddr functions leading to OOB writes CWE-823 7.1 -2025-01-31
CVE-2024-47899 GPU DDK - PVRSRVDeviceServicesOpen use-after-free condition CWE-416 7.8 -2025-01-31
CVE-2024-47898 GPU DDK - PVRSRVDeviceSyncOpen use-after-free condition CWE-416 7.8 -2025-01-31
CVE-2024-47891 GPU DDK - Exploitable double free on PTL_STREAM_DESC object in the kernel function TLServerCloseStreamKM due to a race condition CWE-416 7.8 -2025-01-31
CVE-2024-46974 GPU DDK - Arbitrary write of read-only dmabuf CWE-266 7.8 -2025-01-31
CVE-2024-52938 GPU DDK - rgxfw_pm_add_freelist_for_reconstruction OOB write CWE-823 7.8 -2025-01-13

All 75 known CVE vulnerabilities affecting Graphics DDK with full Chinese analysis, references, and POCs where available.