CVE-2026-41155
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recovery.
Sharing secure memory allocations among various GPU secure processes allows an attacker to corrupt shared resource affecting other users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Imagination Technologies | Graphics DDK | 1.18 RTM | affected |
| Imagination Technologies | Graphics DDK | 23.2 RTM | affected |
| Imagination Technologies | Graphics DDK | 24.2 RTM | affected |
| Imagination Technologies | Graphics DDK | 25.1 RTM <= 25.3 RTM | affected |
| Imagination Technologies | Graphics DDK | 26.1 RTM | affected |
| Imagination Technologies | Graphics DDK | 26.2 RTM | unaffected |
Weaknesses
- CWE-653: CWE-653: Improper Isolation or Compartmentalization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.