CVE-2026-7639
Description
Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code.
Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete cleanup of an internal driver state, allowing for future unauthorized access to the contents of the physical memory.
Metadata
Severity & Metrics
No CVSS data available.
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Imagination Technologies | Graphics DDK | Linux,Android | 1.18 RTM2, 23.2 RTM2, 24.2 RTM2, 25.1 RTM2 ≤ 25.3 RTM … |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-459 | cna | CWE-459: Incomplete Cleanup |
References (1)