CVE-2025-0478
Published: 24 March 2025
Summary
CVE-2025-0478 is a high-severity Improper Handling of Insufficient Permissions or Privileges (CWE-280) vulnerability in a product from Imagination Technologies (vendor inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 17.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-2 (Separation of System and User Functionality) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
- Directly addresses the CVE by requiring timely identification, reporting, and remediation of the GPU driver flaw through vendor patches.
- Implements memory protection techniques like ASLR and DEP to prevent successful arbitrary physical memory reads, writes, and corruption by non-privileged user software.
- Enforces separation between user and system functionality to block improper GPU system calls from allowing user-space access to kernel memory pages.
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
The vulnerability allows a low-privileged local user to perform arbitrary physical memory reads and writes via the GPU driver, directly enabling kernel-level code execution (T1068), access to credentials and other sensitive data in memory (T1212), and system instability or denial of service via memory corruption (T1499).
NVD Description
Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour.
Deeper analysis [AI]
CVE-2025-0478 is a vulnerability in GPU drivers from Imagination Technologies that allows software running as a non-privileged user to make improper GPU system calls, enabling reads and writes to arbitrary physical memory pages. Under certain circumstances, this can corrupt data pages not allocated by the GPU driver, including memory pages used by the kernel and other drivers on the platform, thereby altering their behavior. The issue is classified under CWE-280 (Improper Handling of Insufficient Permissions or Privileges) with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-24.
A local attacker with low privileges can exploit this vulnerability by executing malicious software on the affected system. Successful exploitation grants the ability to read sensitive data, modify critical memory regions, and disrupt system stability, potentially leading to arbitrary code execution in kernel space or denial of service through memory corruption.
For mitigation details, refer to the vendor advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/.
Details
- CWE(s)