CVE-2025-58410
HIGHDescription
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource.
Is your site exposed to CVE-2025-58410?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
| imaginationtech | ddk |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-58410? +
How severe is CVE-2025-58410? +
What products are affected by CVE-2025-58410? +
How do I check if I'm vulnerable to CVE-2025-58410? +
Related Vulnerabilities
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a …
An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated …
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended …
LDAP filter injection vulnerability in Yandex Database prior to 25.3.1.25 allows a remote attacker with valid LDAP credentials to bypass …
When creating an export of all reusable media, the secrets of connected gift cards were included in the export even …
Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to …