CVE-2026-34195

Summary

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel.

The product incorrectly indexes internal state when performing sparse allocation remapping.

Affected Software

VendorProductVersion RangeStatus
Imagination TechnologiesGraphics DDK1.18 RTMunaffected
Imagination TechnologiesGraphics DDK23.2 RTMunaffected
Imagination TechnologiesGraphics DDK24.2 RTMaffected
Imagination TechnologiesGraphics DDK25.1 RTM <= 25.3 RTMaffected
Imagination TechnologiesGraphics DDK26.1 RTMunaffected
Imagination TechnologiesGraphics DDK26.2 RTMunaffected

Weaknesses

  • CWE-787: CWE-787: Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References