Out-Of-Bounds Memory Access in Imagination Technology's GPU Driver
CVE-2026-41154

Currently unrated

Key Information:

Vendor
CVE Published:
10 July 2026

What is CVE-2026-41154?

Imagination Technology's GPU driver is susceptible to out-of-bounds memory access issues when processing pages larger than 4kB. This vulnerability emerges from incorrect buffer indexing during the page freeing logic of the sparse memory implementation, potentially allowing a non-privileged user to read or write to the kernel memory. Such behavior could lead to serious security implications by exposing sensitive memory areas or executing arbitrary code.

Affected Version(s)

Graphics DDK Linux 24.2 RTM2

Graphics DDK Linux 25.1 RTM2 <= 25.3 RTM

Graphics DDK Linux 26.1 RTM1

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.