Back to overview

CVE-2026-45196

Description
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation.

Metadata

CVE ID
CVE-2026-45196
State
PUBLISHED
Assigner
imaginationtech
Reserved
2026-05-11 10:58 UTC
Published
2026-07-10 20:53 UTC
Last updated
2026-07-10 20:53 UTC
Primary CWE
CWE-280
CWE-280: Improper Handling of Insufficient Permissions or Pr…
Vendor / Product
Imagination Technologies / Graphics DDK
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
Imagination Technologies Graphics DDK Linux,Android 1.18 RTM2, 23.2 RTM2, 24.2 RTM2, 25.1 RTM2 ≤ 25.3 RTM …
Weakness (CWE)
CWESourceDescription
CWE-280 cna CWE-280: Improper Handling of Insufficient Permissions or Privileges (4.15)
Back to overview