CVE-2026-21736 GPU DDK - Insufficient permission check in PhysmemWrapExtMem() when write attribute support enabled

🗓️ 09 Mar 2026 12:23:38Reported by imaginationtechType

CVE-2026-21736: Permission flaw in PhysmemWrapExtMem with write support exposes read-only wrapped memory to write.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2026-21736	9 Mar 202612:23	–	attackerkb
Circl	CVE-2026-21736	1 Jun 202618:00	–	circl
CNNVD	Imagination Graphics DDK 安全漏洞	9 Mar 202600:00	–	cnnvd
CVE	CVE-2026-21736	9 Mar 202612:23	–	cve
EUVD	EUVD-2026-10330	9 Mar 202615:30	–	euvd
EUVD	EUVD-2026-10331	9 Mar 202615:30	–	euvd
NVD	CVE-2026-21736	9 Mar 202613:15	–	nvd
OSV	ASB-A-382331631	1 Jun 202600:00	–	osv
OSV	CVE-2026-21736	9 Mar 202613:15	–	osv
Positive Technologies	PT-2026-24059	9 Mar 202600:00	–	ptsecurity

[
  {
    "vendor": "Imagination Technologies",
    "product": "Graphics DDK",
    "platforms": [
      "Linux",
      "Android"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "1.17 RTM",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "1.18 RTM",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "23.2 RTM",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "24.1 RTM",
        "lessThanOrEqual": "25.1 RTM",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "25.2 RTM",
        "lessThanOrEqual": "25.3 RTM",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "26.1 RTM",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
imaginationtech	www.imaginationtech.com/gpu-driver-vulnerabilities/

09 Mar 2026 12:23Current

EPSS0.00006

CWE-280