CVE-2025-10865

CVE-2025-10865: GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-416
Published January 13, 2026
Last update January 14, 2026

CVSS base score

What the vulnerability does

01Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present.

Key dates

02Disclosure timeline

January 13, 2026 CVE published
January 14, 2026 Record updated