Cyber Resilience

CVE-2025-58411

High

Published: 13 January 2026

Published
13 January 2026
Modified
30 January 2026
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0015 4.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-58411 is a high-severity Use After Free (CWE-416) vulnerability in Imaginationtech Ddk. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 4.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-58411 is a use-after-free vulnerability (CWE-416) affecting Imagination Technologies GPU drivers, published on 2026-01-13. The flaw stems from improper resource management and reference counting on an internal resource, triggered when software installed and run as a non-privileged user conducts improper GPU system calls. This mismanagement creates a scenario enabling potential write use-after-free conditions. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

A local attacker with low privileges can exploit the vulnerability with low attack complexity and no user interaction. Exploitation involves triggering the improper GPU system calls, leading to resource reference counting errors and use-after-free access. Given the high scope and impacts (confidentiality, integrity, and availability all rated high), successful attacks could enable arbitrary code execution, privilege escalation, data corruption, or denial of service at the kernel level.

Mitigation details are available in the vendor advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/.

EU & UK References

Vulnerability details

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario…

more

where potential write use after free was present.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Use-after-free in kernel GPU driver directly enables local privilege escalation via crafted system calls from low-privileged user context.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-10865Same product: Imaginationtech Ddk
CVE-2025-13952Same product: Imaginationtech Ddk
CVE-2026-22166Same product: Imaginationtech Ddk
CVE-2026-22165Same product: Imaginationtech Ddk
CVE-2026-22167Same product: Imaginationtech Ddk
CVE-2026-22163Same product: Imaginationtech Ddk
CVE-2026-21732Same product: Imaginationtech Ddk
CVE-2025-25176Same product: Imaginationtech Ddk
CVE-2026-31474Shared CWE-416
CVE-2025-47398Shared CWE-416

Affected Assets

imaginationtech
ddk
≤ 25.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates the use-after-free vulnerability by requiring timely monitoring, scanning, and remediation of flaws in the GPU driver via vendor patches.

prevent

Provides memory protection mechanisms like ASLR, DEP, and stack canaries that prevent successful exploitation of the use-after-free condition in the GPU driver.

prevent

Restricts or prohibits user-installed software that could conduct improper GPU system calls to trigger the resource mismanagement and use-after-free scenario.

References