CRITICAL🇵🇱 Wersja polska

CVE-2025-6573

CVSS 9.8v3.1pub. 2025-08-09upd. 2026-04-15

Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE).

🤖 AI Analysis
How it works

Kernel software installed and running within the untrusted/rich execution environment (REE) is able to access information stored or processed in the trusted execution environment (TEE). The isolation boundary between REE and TEE — which forms the foundation of the security model for such architectures — is not properly enforced, leading to unauthorized data leakage. CWE-280 indicates insufficient permission management as the cause of this condition.

Impact

An attacker can gain unauthorized access to sensitive data stored in the TEE, such as cryptographic keys, authentication credentials, or other sensitive information, which may lead to complete compromise of the confidentiality of protected resources.

Mitigation & patch

Apply patches available from the manufacturer in accordance with references published at https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Who is affected

Imagination Technologies products utilizing GPU drivers — versions indicated in manufacturer references (https://www.imaginationtech.com/gpu-driver-vulnerabilities/)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References