Intel GPU Driver NULL Deref via Improper Syscalls (CVE-2025-46711)
CVE-2025-46711 Published on September 22, 2025
GPU DDK - NULL Pointer dereference occurs in LockHandle on bridge entry when connection misused
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger NULL pointer dereference kernel exceptions.
Vulnerability Analysis
CVE-2025-46711 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.
Products Associated with CVE-2025-46711
stack.watch emails you whenever new vulnerabilities are published in Intel Graphics Driver or Google Android. Just hit a watch button to start following.
Affected Versions
Imagination Technologies Graphics DDK:- Version 1.15 RTM is unaffected.
- Version 1.17 RTM is affected.
- Version 1.18 RTM is affected.
- Version 23.2 RTM, <= 25.1 RTM1 is affected.
- Version 25.1 RTM2 is unaffected.
- Version 25.2 RTM is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.