HIGH · CVE-2026-41158 · Published · Modified · CNA: imaginationtech

CVE-2026-41158: GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory that is allocated and freed without the deferred free mechanism can remain in use for read/write by the GPU after the kernel module has freed the resource.

Metrics

  • CVSS v3.1: 7.8
  • Severity: HIGH
  • Fixed in: 1.18 RTM
  • Affected Products: 1


HarborGuard Analysis

Synopsis

This is a use-after-free vulnerability in the Imagination Technologies Graphics DDK (GPU driver kernel module). A local attacker with a low-privilege user account can issue GPU system calls that read from or write to physical memory pages the kernel has already freed, because backed sparse PMRs (physical memory resources) are not routed through the deferred free mechanism after a shrink operation. Successful exploitation gives the attacker full read, write, and denial-of-service capability over the affected system. A patched-image rebuild at fix versions 1.18 RTM, 23.2 RTM, 24.2 RTM, and 26.2 RTM is available on HarborGuard for affected environments.

HarborGuard Coverage

Detection

Detection of CVE-2026-41158 is available across every HarborGuard environment; the CVE is ingested from upstream feeds within minutes of publication and matched against images in customer registries, CI pipelines, and custom-built images that bundle the Imagination Technologies Graphics DDK. No manual configuration is needed to enable matching.

Status: Available

Triage

HarborGuard scores this CVE at CVSS 7.8 HIGH (v3.1) and is capable of weighting that score against each customer environment's compliance policy to determine urgency. Triage results are routed to the inbox or ticketing integration configured for the relevant team within each customer organization.

Status: Available

Patch

A patched-image rebuild at the fix versions (1.18 RTM, 23.2 RTM, 24.2 RTM, or 26.2 RTM, whichever applies to the base image) is available on HarborGuard for any environment running an affected DDK version. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite against the new image, and opens a pull request against affected workloads automatically.

Status: Available

Exploit Conditions

  • Network reachability: Not required

    The attacker needs an existing shell or process on the host; no network access is required to reach the vulnerable code path.

  • Authentication: Required

    Any low-privilege local user account is sufficient; no elevated or administrative credentials are needed.

  • Victim interaction: Not required

    No action from another user or administrator is needed; the attacker triggers the bug entirely through their own GPU system calls.

  • Attack complexity: Detail

    Exploit reliability is high and no special environmental conditions, race wins, or memory-layout dependencies are required.

Blast Radius

  • Reads arbitrary physical memory pages that the kernel has freed, exposing data belonging to other processes or the kernel itself, such as credentials, keys, or sensitive application state.
  • Writes to those same freed physical pages, allowing corruption of kernel data structures or other processes' memory.
  • Crashes the affected system or a specific process by corrupting memory in ways that cause invalid dereferences or inconsistent kernel state.
  • Combines read and write primitives to escalate privileges or pivot to a full kernel compromise on the host.

How HarborGuard Handles This

Available on HarborGuard: detection for CVE-2026-41158 activates as soon as the CVE is ingested, and any image found to carry an affected Imagination Technologies Graphics DDK version (up to and including 25.3 RTM and 26.1 RTM) is flagged at HIGH severity. Where compliance policy permits, a patched rebuild targeting the appropriate fix release (1.18 RTM, 23.2 RTM, 24.2 RTM, or 26.2 RTM) is available immediately. For customers who opt into auto-remediation, the typical flow is a rebuilt image, a regression test run, and a PR opened against affected workloads; for HIGH-severity issues, median time from CVE publication to merged patch PR is around 90 minutes in environments with auto-remediation enabled. For environments where a rebuild cannot yet be deployed, compensating controls available through HarborGuard policy include flagging the image as non-compliant for deployment gating, applying network-policy isolation to workloads that use GPU passthrough, and alerting on any new image push that reintroduces the affected DDK version.


Fix available

1.18 RTM, 23.2 RTM, 24.2 RTM, 26.2 RTM
Affected packages
  • Imagination Technologies / Graphics DDK
    ≤ 25.3 RTM · 26.1 RTM
    Fixed in 1.18 RTM, 23.2 RTM, 24.2 RTM, 26.2 RTM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H