Martijn Bogaard & Xingyu Jin

Tile-Based Deferred Rooting: When Your GPU Starts Rendering To Kernel Code Space!

Abstract

As GPUs take on increasingly intricate roles, from machine learning to advanced image processing and augmented reality, they are also becoming more appealing targets for attackers. Their exposure to unprivileged applications and browser processes, which enables 0-click attacks, amplifies the need for rigorous security evaluation. In this presentation we will discuss an interesting vulnerability found in the Imagination DXT GPU. The resulting exploit diverges from conventional kernel exploits in that it leverages undocumented behavior of the GPU hardware itself, and the Linux kernel's mitigations turned out to be ineffective at preventing exploitation.

The root of this vulnerability lies in the way the GPU hardware requests additional memory for passing data from vertex shading to fragment shading. By corrupting a special GPU stack pointer register (CVE-2025-25180), initially from user mode, the GPU hardware can be made to access memory pages whose addresses are supplied by an attacker and to store geometry data at this attacker-controlled location in memory.

To understand how this undocumented GPU hardware unit processes the metadata describing these memory pages, we will demonstrate the black-box approaches we used to reverse engineer the behavior of the GPU hardware. After much trial and error, we discovered a strong write primitive, subject to a number of specific limitations. This primitive allowed us to patch Android kernel functions directly, using the GPU hardware as the writer.

Building on this research, we will present a live demo of rooting, from an unprivileged application, an Android device that ships unpatched drivers. We will also discuss several bug variants of CVE-2025-25180.

The relevant GPU drivers have since been updated to address this vulnerability. To ensure ecosystem-wide adoption of the patches, we recommend that OEMs reach out to their GPU providers.

BIO

Martijn Bogaard is a security engineer at Google working on low-level device security. Day to day he reviews code for vulnerabilities, writes fuzzers and, once in a while, writes an exploit for an interesting vulnerability he finds.

Xingyu Jin is a security researcher at Google working on Pixel / Android ecosystem offensive/defensive security research.