Imaginationtech: >> Ddk >> 25.2 Security Vulnerabilities
Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine.
CVSS Score
7.4
EPSS Score
0.0
Published
2025-11-17
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only.
This is caused by improper handling of the memory protections for the buffer resource.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-11-17
Page 2