Out-Of-Bounds Memory Access in Imagination Technology's GPU Driver
CVE-2026-41154
Currently unrated
What is CVE-2026-41154?
Imagination Technology's GPU driver is susceptible to out-of-bounds memory access issues when processing pages larger than 4kB. This vulnerability emerges from incorrect buffer indexing during the page freeing logic of the sparse memory implementation, potentially allowing a non-privileged user to read or write to the kernel memory. Such behavior could lead to serious security implications by exposing sensitive memory areas or executing arbitrary code.
Affected Version(s)
Graphics DDK Linux 24.2 RTM2
Graphics DDK Linux 25.1 RTM2 <= 25.3 RTM
Graphics DDK Linux 26.1 RTM1
