Back to overview

CVE-2026-41154

Description
Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access.

Metadata

CVE ID
CVE-2026-41154
State
PUBLISHED
Assigner
imaginationtech
Reserved
2026-04-17 16:26 UTC
Published
2026-07-10 20:46 UTC
Last updated
2026-07-10 20:46 UTC
Primary CWE
CWE-787
CWE-787: Out-of-bounds Write
Vendor / Product
Imagination Technologies / Graphics DDK
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
Imagination Technologies Graphics DDK Linux,Android 1.18 RTM2, 23.2 RTM2, 24.2 RTM2, 25.1 RTM2 ≤ 25.3 RTM …
Weakness (CWE)
CWESourceDescription
CWE-787 cna CWE-787: Out-of-bounds Write
Back to overview