Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables.
The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://www.imaginationtech.com/gpu-driver-vulnerabilities/ |
|
History
Wed, 24 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Imaginationtech
Imaginationtech graphics Ddk |
|
| Vendors & Products |
Imaginationtech
Imaginationtech graphics Ddk |
Mon, 22 Jun 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 19 Jun 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation. | |
| Title | GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries | |
| Weaknesses | CWE-416 | |
| References |
|
Status: PUBLISHED
Assigner: imaginationtech
Published: 2026-06-19T09:23:33.338Z
Updated: 2026-06-22T18:21:51.058Z
Reserved: 2026-03-26T13:47:30.669Z
Link: CVE-2026-34192
Updated: 2026-06-22T18:21:34.529Z
No data.
No data.