CVE-2025-13952

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.<br /> <br /> The shader code contained in the web page executes a path in the compiler that held onto an out of date pointer, pointing to a freed memory object.