EUVD-2026-36630

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

CVE-2026-41158

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

CVE-2026-41158

Summary of CVE-2026-41158: The vulnerability concerns GPU DDK where backed sparse PMRs are not handled by the deferred free mechanism after shrink, allowing a non-privileged user to perform GPU system calls that write to arbitrarily freed physical pages. The root cause is that physical memory all...

CVE-2026-22164

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory...

CVE-2026-22164

Technical details are not publicly available in the provided documents. Monitor for future updates.

CVE-2026-22167

CVE-2026-22167 concerns a GPU DDK vulnerability where cache-resident PM buffers can be written by other GPU requestors. The issue allows software running as a non-privileged user to issue improper GPU system calls, forcing the GPU to write to arbitrary physical memory pages. Under certain conditi...

Imagination Graphics DDK 缓冲区错误漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a buffer error vulnerability that arises from software run by an unprivileged user that may execute improper GPU system calls to force the GPU to write to arbitrary physical memo...

PT-2026-36498

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

EUVD-2026-23446

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory and files. This is caused by improper handling of GPU memory reservation protections...

CVE-2026-21736

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory resource...

EUVD-2026-10330

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory resource...

CVE-2025-10865

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...

CVE-2025-10865

CVE-2025-10865 affects the Imagination Graphics DDK (GPU driver) where DevmemIntGetReservationData does not properly ref the PMR, leading to improper reference counting and a potential use-after-free vulnerability. The issue is described as arising when unprivileged users run GPU system calls, wi...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. A security vulnerability exists in the Imagination Graphics DDK that stems from the possibility that an unprivileged user may make improper GPU system calls, resulting in improper management of reference counts, which ma...

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVE-2025-58410

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...

EUVD-2025-9893

Malicious code in bioql PyPI...

EUVD-2025-7902

Malicious code in bioql PyPI...