Improper GPU System Calls in Imagination Technologies Software
CVE-2026-41156

Currently unrated

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 19 June 2026

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2026-41156?

A vulnerability exists in the Imagination Technologies GPU driver where software running with non-privileged user access can execute incorrect GPU system calls. This improper handling leads to resource mismanagement, specifically causing a write use after free scenario. The issue arises when a shared memory page, managed by a CPU thread, is freed before a GPU thread (firmware) has completed its access, potentially exposing the system to stability issues and unauthorized access.

Affected Version(s)

Graphics DDK Linux 1.18 RTM

Graphics DDK Linux 23.2 RTM

Graphics DDK Linux 24.2 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2026
Vulnerability Reserved
Apr 17, 2026

CVE-2026-41156 Data

JSON