CVE-2025-58408

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-58408

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58408.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-58408

Aliases

A-429381685
ASB-A-429381685

Published

2025-12-01T12:15:46.570Z

Modified

2026-03-13T03:35:19.186728Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free.

The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in which the reference counts can become unbalanced. This can lead to the premature destruction of a resource while in use.

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "25.2"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-58408.json"