Buffer overflow in Imaginationtech Ddk

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allo…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (3.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-58409?
CVE-2025-58409 is a low-severity vulnerability in Imaginationtech Ddk, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 3.5/10. Published 2026-01-13.
How severe is CVE-2025-58409?
Low severity. CVSS v3 base score is 3.5 out of 10.