Description
A web page that contains unusual WebGPU content loaded into the GPU GLES render process can trigger an out-of-bounds write in the GPU user-space driver, leading to memory corruption and a possible browser/GPU process crash.

The software computes a required memory size from untrusted input, but integer overflow can produce a value smaller than needed. Subsequent write operations may then occur past the intended memory boundary, corrupting adjacent memory and causing process instability or termination.
Published: 2026-06-12
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an out‑of‑bounds write in the Imagination Technologies Graphics DDK, triggered by WebGPU content loaded into the GPU GLES render process. The driver computes a required memory buffer size from untrusted input, but an integer overflow can produce a value smaller than needed. A subsequent write can then land past the intended memory boundary, corrupting adjacent memory. This memory corruption can cause the GPU process to become unstable or crash, as described in the CVE report. The weakness is identified as CWE‑787, and the CVSS score of 9.8 indicates critical severity.

Affected Systems

Imagination Technologies Graphics DDK products that are used in web browsers supporting WebGPU. No specific affected versions are disclosed in the available data.

Risk and Exploitability

The CVSS score of 9.8 indicates critical severity, while the EPSS score of < 1% suggests a very low likelihood of exploitation in the wild. The vulnerability is not listed in CISA KEV. Attackers would need to supply a crafted WebGPU payload to a web page, making the attack vector client‑side and local to the browser environment. The potential impact is a crash of the GPU rendering process within the browser.

Generated by OpenCVE AI on June 18, 2026 at 01:48 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install the latest Imagination Technologies GPU driver update that addresses the memory size calculation issue.
  • If no patch is available, disable WebGPU features in the browser or use browser extensions that enforce stricter content security policies to block untrusted WebGPU content.
  • Configure the system to restrict GPU process privileges and isolate it from other critical processes so that a crash does not lead to broader system compromise.

Generated by OpenCVE AI on June 18, 2026 at 01:48 UTC.

Advisories

No advisories yet.

History

Mon, 15 Jun 2026 16:30:00 +0000

Type: Metrics
Values Removed: (none)
Values Added:
  cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}
  ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 13 Jun 2026 12:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Imaginationtech; Imaginationtech graphics Ddk

Type: Vendors & Products
Values Removed: (none)
Values Added: Imaginationtech; Imaginationtech graphics Ddk

Fri, 12 Jun 2026 22:15:00 +0000

Type: Description
Values Removed: (none)
Values Added: A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space driver, leading to memory corruption and possible browser/GPU process crash. The software computes a required memory size from untrusted input, but integer overflow can produce a value smaller than needed. Subsequent write operations may then occur past the intended memory boundary, corrupting adjacent memory and causing process instability or termination.

Type: Title
Values Removed: (none)
Values Added: GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-787

References

MITRE

Status: PUBLISHED

Assigner: imaginationtech

Published:

Updated: 2026-06-16T03:56:06.522Z

Reserved: 2026-04-17T16:26:03.731Z

Link: CVE-2026-41157

Vulnrichment

Updated: 2026-06-15T15:13:42.406Z

NVD

Status: Deferred

Published: 2026-06-12T22:16:50.583

Modified: 2026-06-16T15:40:10.107

Link: CVE-2026-41157

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T02:00:05Z

Weaknesses