CVE-2026-45196

Summary

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation.

Affected Software

VendorProductVersion RangeStatus
Imagination TechnologiesGraphics DDK1.18 RTM2affected
Imagination TechnologiesGraphics DDK23.2 RTM2affected
Imagination TechnologiesGraphics DDK24.2 RTM2affected
Imagination TechnologiesGraphics DDK25.1 RTM2 <= 25.3 RTMaffected
Imagination TechnologiesGraphics DDK26.1 RTM1affected
Imagination TechnologiesGraphics DDK26.1 RTM2unaffected

Weaknesses

  • CWE-280: CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)

References