Imagination Technologies 厂商漏洞列表 / CVE 中文分析 59

Imagination Technologies 厂商相关 59 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Imagination Technologies 主营图形处理器（GPU）及人工智能加速器IP授权，其核心产品广泛应用于移动设备与嵌入式系统。历史漏洞多集中于驱动层，常见类型包括缓冲区溢出、空指针解引用及权限提升，部分缺陷可导致远程代码执行。值得关注的是，其PVR驱动模块曾多次曝出高危漏洞，涉及内核态内存破坏风险。鉴于其硬件IP在物联网领域的广泛部署，相关固件更新与安全补丁的及时应用对保障终端设备完整性至关重要。

上位製品 Imagination Technologies: Graphics DDK

CVEs 59

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-22166	GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable — Graphics DDKCWE-416	8.8	-	2026-05-01
CVE-2026-22165	GPU DDK - UAF read of GLES3Context::psDrawParams and GLES3Context::psMode and UAF read/write of RMJob::apsCCBs — Graphics DDKCWE-416	8.8	-	2026-05-01
CVE-2026-22167	GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory — Graphics DDKCWE-119	7.8	-	2026-05-01
CVE-2026-21733	RESERVED — Graphics DDK	7.1^AI	High^AI	2026-04-17
CVE-2026-22163	GPU DDK - Unsafe writing of MMU PT entries on systems with 32-bit host CPU — Graphics DDKCWE-820	8.4	-	2026-03-20
CVE-2026-21732	GPU DDK - libusc OOB write at ConvertSwitchToArrayLookupBP during WebGPU shader compilation — Graphics DDKCWE-823	8.1	-	2026-03-20
CVE-2026-21736	GPU DDK - Insufficient permission check in PhysmemWrapExtMem() when write attribute support enabled — Graphics DDKCWE-280	7.1^AI	High^AI	2026-03-09
CVE-2025-13952	GPU DDK - libusc UAF via WebGPU shaders at MergeConsecutiveBarriersBP — Graphics DDKCWE-416	9.8	-	2026-01-24
CVE-2025-10865	GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns — Graphics DDKCWE-416	7.8^AI	High^AI	2026-01-13
CVE-2025-58411	GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF — Graphics DDKCWE-416	7.8^AI	High^AI	2026-01-13
CVE-2025-58409	GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory — Graphics DDKCWE-119	7.8^AI	High^AI	2026-01-13
CVE-2025-25176	GPU DDK - GPU Register value contents leaked from secure workloads to non-secure world — Graphics DDKCWE-668	8.1^AI	High^AI	2026-01-13
CVE-2025-58408	GPU DDK - KASAN Read UAF in the PVRSRVBridgeRGXSubmitTransfer2 due to improper error handling code — Graphics DDKCWE-416	5.5^AI	Medium^AI	2025-12-01
CVE-2025-58407	GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet — Graphics DDKCWE-367	7.8^AI	High^AI	2025-11-17
CVE-2025-58410	GPU DDK - Multiple calls into PhysmemGEMPrimeExport can inherit write access permission for an existing read-only dma_buf import PMR — Graphics DDKCWE-280	7.8^AI	High^AI	2025-11-17
CVE-2025-46711	GPU DDK - NULL Pointer dereference occurs in LockHandle on bridge entry when connection misused — Graphics DDKCWE-476	5.5^AI	Medium^AI	2025-09-22
CVE-2025-25177	GPU DDK - Roll-back of pvr_exp_fence not in finalised state can cause UAF — Graphics DDKCWE-416	7.8^AI	High^AI	2025-09-22
CVE-2025-46709	GPU DDK - Security fix for PP-171570 can lead to an uninitialised pointer dereference and memory leak — Graphics DDKCWE-416	7.1	-	2025-08-08
CVE-2025-6573	GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite — Graphics DDKCWE-280	5.5	-	2025-08-08
CVE-2025-8109	GPU DDK - GPU shader shared memory corrupted using ptrace to disrupt GPU operation — Graphics DDKCWE-280	7.1^AI	High^AI	2025-08-04
CVE-2025-25180	GPU DDK - Insufficient validation in RGXCREATEFREELIST creates corrupt freelist — Graphics DDKCWE-823	5.5^AI	Medium^AI	2025-07-14
CVE-2025-46708	GPU DDK - Guest VM can delay the FW and GPU from processing workloads from other VMs — Graphics DDKCWE-280	5.5^AI	Medium^AI	2025-06-27
CVE-2025-46707	GPU DDK - Guest VM can override its own FW VZ connection state after the FW has close it — Graphics DDKCWE-668	7.8^AI	High^AI	2025-06-27
CVE-2025-46710	Imagination GPU Driver 安全漏洞 — Graphics DDKCWE-416	7.8^AI	High^AI	2025-06-16
CVE-2025-25179	GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory — Graphics DDKCWE-280	7.8^AI	High^AI	2025-06-02
CVE-2024-47893	GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups) — Graphics DDKCWE-823	8.4^AI	High^AI	2025-05-17
CVE-2025-1706	GPU DDK - Improper locking when accessing the pvr_exp_fence object — Graphics DDKCWE-416	7.8^AI	High^AI	2025-05-17
CVE-2025-0467	GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write — Graphics DDKCWE-823	7.8	-	2025-04-18
CVE-2025-25178	GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory — Graphics DDKCWE-1284	7.8^AI	High^AI	2025-04-04
CVE-2025-0468	GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA) — Graphics DDKCWE-280	5.5^AI	Medium^AI	2025-04-04

本页汇总了 Imagination Technologies 厂商截至目前公开的全部 59 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

Imagination Technologies 厂商漏洞列表 / CVE 中文分析 59

目標達成すべての支援者に感謝 — 100%達成しました！