| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-46710 | Imagination GPU Driver 安全漏洞 | Imagination Technologies | Graphics DDK | - | - | 2025-06-16 11:13:19 | Deep Dive |
| CVE-2025-25179 | GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory | Imagination Technologies | Graphics DDK | - | - | 2025-06-02 04:19:18 | Deep Dive |
| CVE-2024-47893 | GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups) | Imagination Technologies | Graphics DDK | - | - | 2025-05-17 00:47:53 | Deep Dive |
| CVE-2025-1706 | GPU DDK - Improper locking when accessing the pvr_exp_fence object | Imagination Technologies | Graphics DDK | - | - | 2025-05-17 00:40:29 | Deep Dive |
| CVE-2025-0467 | GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write | Imagination Technologies | Graphics DDK | 高危 | - | 2025-04-18 00:32:03 | Deep Dive |
| CVE-2025-25178 | GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory | Imagination Technologies | Graphics DDK | - | - | 2025-04-04 15:42:58 | Deep Dive |
| CVE-2025-0468 | GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA) | Imagination Technologies | Graphics DDK | - | - | 2025-04-04 15:39:38 | Deep Dive |
| CVE-2025-0835 | GPU DDK - _WrapExtMemReleasePages called twice if _FlushUMVirtualRange fails | Imagination Technologies | Graphics DDK | - | - | 2025-03-24 11:42:22 | Deep Dive |
| CVE-2025-0478 | GPU DDK - PMMETA_PROTECT PMR can be exported as dma-buf file / GEM object | Imagination Technologies | Graphics DDK | - | - | 2025-03-24 11:37:29 | Deep Dive |
| CVE-2024-12837 | GPU DDK - Exploitable kernel double free on apsFenceSyncCheckpoints allocated with arbitrary size | Imagination Technologies | Graphics DDK | 高危 | - | 2025-03-07 07:45:16 | Deep Dive |
| CVE-2024-12576 | GPU DDK - Untrusted app can crash firmware by forcing MCU access to non-aligned address | Imagination Technologies | Graphics DDK | 中危 | - | 2025-03-07 07:36:21 | Deep Dive |
| CVE-2024-12577 | GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet | Imagination Technologies | Graphics DDK | 高危 | - | 2025-02-22 14:58:34 | Deep Dive |
| CVE-2024-52939 | GPU DDK - RGXFWIF_HWPERF_CTL_BLK.uiNumCounters OOB write | Imagination Technologies | Graphics DDK | 高危 | - | 2025-02-22 14:54:56 | Deep Dive |
| CVE-2024-47896 | GPU DDK - rgxfw_hwr_log_info OOB write via psHWRInfoBuf->ui32WriteIndex | Imagination Technologies | Graphics DDK | 高危 | - | 2025-02-22 14:50:58 | Deep Dive |
| CVE-2024-46975 | GPU DDK - rgxfw_write_robustness_buffer allows arbitrary catreg set mapping | Imagination Technologies | Graphics DDK | 高危 | - | 2025-02-22 14:44:25 | Deep Dive |
| CVE-2024-47900 | GPU DDK - Multiple integer overflow in DmaTransfer PMR_DevPhysAddr functions leading to OOB writes | Imagination Technologies | Graphics DDK | 高危 | - | 2025-01-31 03:19:34 | Deep Dive |
| CVE-2024-47899 | GPU DDK - PVRSRVDeviceServicesOpen use-after-free condition | Imagination Technologies | Graphics DDK | 高危 | - | 2025-01-31 03:17:20 | Deep Dive |
| CVE-2024-47898 | GPU DDK - PVRSRVDeviceSyncOpen use-after-free condition | Imagination Technologies | Graphics DDK | 中危 | - | 2025-01-31 03:14:47 | Deep Dive |
| CVE-2024-47891 | GPU DDK - Exploitable double free on PTL_STREAM_DESC object in the kernel function TLServerCloseStreamKM due to a race condition | Imagination Technologies | Graphics DDK | 中危 | - | 2025-01-31 03:11:59 | Deep Dive |
| CVE-2024-46974 | GPU DDK - Arbitrary write of read-only dmabuf | Imagination Technologies | Graphics DDK | 中危 | - | 2025-01-31 03:07:15 | Deep Dive |