CVE-2026-21736

Medium CVSS: 4.4

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory.

This is caused by improper handling of the memory protections for the user-mode wrapped memory resource.

Vendor

Imaginationtech

Product

Ddk

CWE

CWE-280

Yayın Tarihi

2026-03-09 13:15:56

Güncelleme

2026-03-10 18:46:06

Source Identifier

367425dc-4d06-4041-9650-c2dc6aaa27ce

KEV Date Added

Kategoriler

CWE-280 Ddk MEDIUM Imaginationtech 2026

Referanslar

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Benzer Kayıtlar

Critical

CVE-2025-13952

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a wr…

High

CVE-2025-10865

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of refe…

Low

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to…

High

CVE-2025-58411

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reso…

Critical

CVE-2025-25176

Intermediate register values of secure workloads can be exfiltrated in workloads scheduled from applications running in…

Medium

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data…