Description
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages.



Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.



This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.
Published: 2026-05-01
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability arises in the Imagination Technologies Graphics DDK. A non‑privileged user can issue improper GPU system calls that cause the GPU to write to arbitrary physical memory addresses. This can corrupt data that was not allocated by the GPU driver, potentially affecting kernel or driver memory. The primary impact is arbitrary memory corruption, which can lead to privilege escalation or denial of service, identified as a buffer overrun (CWE‑119).

Affected Systems

Affected are installations of the Imagination Technologies Graphics DDK running on platforms that support the GPU DDK. No specific version numbers are listed in the CNA data.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity of arbitrary writes to physical memory. The EPSS score is unavailable, indicating that publicly available exploitation data is lacking. The vendor does not include the CVE in the CISA KEV catalog. Attackers would need to execute the exploit from a non‑privileged user context and cause the GPU to reference disallowed memory via system calls, a path that requires that the GPU driver improperly validates buffers. This indicates potential remote code execution or kernel compromise if the written data modifies kernel or driver behavior.

Generated by OpenCVE AI on May 1, 2026 at 22:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor patches for the Graphics DDK as soon as they are released.
  • Restrict non‑privileged users from accessing the GPU device nodes, for example by adjusting udev rules or ACLs to limit permissions.
  • Consider disabling GPU acceleration or removing the GPU device from user‑space processes that are not required, to prevent the exploitation path.

Generated by OpenCVE AI on May 1, 2026 at 22:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 01 May 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 01 May 2026 16:15:00 +0000

Type Values Removed Values Added
Description Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.
Title GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Weaknesses CWE-119
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: imaginationtech

Published:

Updated: 2026-05-01T19:16:56.328Z

Reserved: 2026-01-06T15:50:36.205Z

Link: CVE-2026-22167

cve-icon Vulnrichment

Updated: 2026-05-01T19:10:46.956Z

cve-icon NVD

Status : Received

Published: 2026-05-01T16:16:29.693

Modified: 2026-05-01T20:16:21.470

Link: CVE-2026-22167

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-01T23:00:14Z

Weaknesses