Intel Arc GPUs, including discrete models like the A-series (e.g., A770) and newer B-series (e.g., B570, B580 for Battlemage architecture), have faced multiple security flaws in 2025, primarily in graphics drivers and firmware. These are mostly local-vector issues requiring authenticated user access, enabling escalation of privilege (EoP), denial-of-service (DoS), or information disclosure. No widespread remote exploits or zero-days have been reported, but they pose risks in shared/multi-user environments like gaming rigs or workstations. Intel’s November 2025 Patch Tuesday addressed ~30 bugs across products, including Arc-specific ones. Always update via official drivers—stability issues persist in some builds, but security patches are prioritized.
November 2025: INTEL-SA-01356 (Graphics Driver/Firmware Flaws)
Released November 12, this advisory fixes EoP and DoS in Ring 1/3 components, affecting high-end Arc B-series and Pro variants.
• CVE-2025-32091 (High: 8.2/8.4): Incorrect default permissions in Arc B-series GPU firmware (Ring 1: Device Drivers) allow EoP. A privileged local attacker with low-complexity access can escalate via no user interaction, impacting confidentiality/integrity/availability (high). Affected: Arc B570/B580 GPUs; drivers before 32.0.101.6913.
• CVE-2025-31647 (Medium: 6.7/5.4): Uncontrolled search path in Intel Graphics Software (Ring 3: User Applications) enables EoP. Requires high-complexity local attack with user interaction; impacts C/I/A (high). Affected: Arc graphics/Pro drivers before 32.0.101.6913/6862; Iris Xe before 32.0.101.6913.
• CVE-2025-25216 (Low: 3.3/2.0): Improper input validation in Graphics Drivers/LTS kernels (Ring 1) causes DoS. Low-complexity local attack with special knowledge; low availability impact only. Affected: Arc/Arc Pro/Iris Xe drivers before versions above; LTS kernel before lts-v6.12.24.
Mitigation: Update Arc/Iris Xe drivers to 32.0.101.6913+ (includes Graphics Software 25.22.1502.2+); Arc Pro to 32.0.101.6862+. Download from Intel’s site (Arc: intel.com/download/785597; Pro: intel.com/download/741626). LTS kernel via GitHub. No known exploits.
August 2025: Standalone Driver Protection Failure
• CVE-2025-24835 (Medium: ~5.5): Protection mechanism failure in Arc B-series graphics drivers allows DoS via local access. A low-privileged user can trigger crashes with low complexity. Affected: Drivers before 32.0.101.6737.
Mitigation: Update to 32.0.101.6737+ via Intel Driver & Support Assistant or manual download. Patch rolled into later November builds.
May 2025: INTEL-SA-01259 (Multi-CVE Graphics Driver Suite)
This advisory patched 8+ flaws in Arc drivers, focusing on memory handling and access controls. All require local authenticated access.
• High-Severity (7.3–8.4):
• CVE-2025-20101: Out-of-bounds read in drivers → info disclosure/DoS (8.4/6.9).
• CVE-2025-20018: Untrusted pointer dereference → EoP (8.4/6.9).
• CVE-2025-20003: Improper link resolution in installers → EoP (8.2/7.3).
• CVE-2025-20052: Improper access control → DoS (7.3/6.9).
• Medium-Severity (6.5–6.7):
• CVE-2025-21099: Uncontrolled search path → EoP (6.7/5.4).
• CVE-2025-20041: Uncontrolled search path in Arc/Iris Xe software → EoP (6.7/5.4).
• CVE-2025-20071: NULL pointer dereference → DoS (6.5/6.8).
• CVE-2025-20031: Improper input validation → DoS (6.5/6.8).
Affected: Arc graphics before 32.0.101.6449; Arc Pro before 32.0.101.6303; related integrated graphics.
Mitigation: Update Arc to 32.0.101.6449+ (intel.com/download/785597); Arc Pro to 32.0.101.6303+ (intel.com/download/741626). Earlier patches integrated into subsequent releases.
General Advice
• Trends: 2025 vulns cluster around driver memory validation and privilege boundaries, with EoP being the biggest risk for lateral movement. Arc B-series (2025 refresh) saw the most fixes due to new firmware.
• Detection/Exploitation: Monitor for crashes via Event Viewer or Intel GPA; no public PoCs, but local testing possible in VMs.
• Best Practices: Enable auto-updates in Intel Driver Assistant; avoid third-party mods. For enterprises, subscribe to Intel PSIRT. If using Arc in AI/ML (e.g., via oneAPI), audit container isolation.
• Related Notes: Some advisories overlap with Iris Xe integrated graphics in Intel CPUs, so check full systems. Driver stability improved post-November, but benchmark your setup after patching.
For specific CVEs or install help, provide more details!