HIGHCVE-2026-22167Published Modified CNA imaginationtech
CVE-2026-22167: GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 26.1 RTM
- Affected Products
- 1
Fix available
26.1 RTM
Affected packages
- Imagination Technologies / Graphics DDK1.18 RTM · 23.2 RTM · ≤ 24.2 RTM · ≤ 25.3 RTMFixed in 26.1 RTM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HReferences