Improper GPU System Calls in Imagination Technologies Driver
CVE-2026-34196

Currently unrated

Key Information:

Vendor
CVE Published:
10 July 2026

What is CVE-2026-34196?

A security flaw in Imagination Technologies GPU drivers allows software running as a non-privileged user to misuse GPU system calls. This can trigger an integer overflow, enabling the mapping of two GPU virtual addresses to the same physical address. Consequently, the first mapping can be freed while the physical memory attached to it remains linked to a second mapping. This opens the door for potential read/write use-after-free conditions through this second mapping, ultimately risking system stability and data integrity.

Affected Version(s)

Graphics DDK Linux 1.18 RTM2

Graphics DDK Linux 23.2 RTM2

Graphics DDK Linux 24.2 RTM2

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.