Vulnerabilities > CVE-2025-5324

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

local

low complexity

CWE-401

NVD

Published: 2025-05-29

Updated: 2025-05-29

Summary

A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub_140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://github.com/Aiyakami/CVE-1/issues/3
https://github.com/Aiyakami/CVE-1/tree/main/test1
https://vuldb.com/?ctiid.310494
https://vuldb.com/?id.310494
https://vuldb.com/?submit.580513

Vulnerabilities > CVE-2025-5324 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2025-5324"}]}

Summary

Common Weakness Enumeration (CWE)

References

Vulnerabilities > CVE-2025-5324