CVE-2026-41158— GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationAffected Version Matrix 6
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Imagination Technologies | Graphics DDK | 1.18 RTM | unaffected |
23.2 RTM | unaffected | ||
24.2 RTM | unaffected | ||
25.1 RTM≤ 25.3 RTM | affected | ||
26.1 RTM | affected | ||
26.2 RTM | unaffected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-41158
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink
Source: NVD (National Vulnerability Database)
Vulnerability Description
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK | 1.18 RTM | - |
II. Public POCs for CVE-2026-41158
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-41158
请登录查看更多情报信息。
News Coverage for CVE-2026-41158 (1)
Same Patch Batch · Imagination Technologies · 2026-06-12 · 4 CVEs total
| CVE-2026-41155 | GPU DDK - SharedSecMem mapped into all GPU virtual address spaces | |
| CVE-2026-41157 | GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D | |
| CVE-2026-34195 | GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page |
IV. Related Vulnerabilities
Same product: Graphics DDK
- CVE-2026-41157
GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D - CVE-2026-41155
GPU DDK - SharedSecMem mapped into all GPU virtual address s - CVE-2026-34195
GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem d - CVE-2026-34194
GPU DDK - UAF read and/or write to arbitrary physical pages - CVE-2026-22164
GPU DDK - Kernel heap OOB write in DevmemIntComputeVirtualIn
Same vendor: Imagination Technologies
- CVE-2026-41157
GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D - CVE-2026-41155
GPU DDK - SharedSecMem mapped into all GPU virtual address s - CVE-2026-34195
GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem d - CVE-2026-34194
GPU DDK - UAF read and/or write to arbitrary physical pages - CVE-2026-22164
GPU DDK - Kernel heap OOB write in DevmemIntComputeVirtualIn
V. Comments for CVE-2026-41158
No comments yet