CVE-2026-21736
GPU DDK - Insufficient permission check in PhysmemWrapExtMem() when write attribute support enabled
CVSS Score
4.4
EPSS Score
0.0%
EPSS Percentile
0th
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory resource.
| CWE | CWE-280 |
| Vendor | imagination technologies |
| Product | graphics ddk |
| Published | Mar 9, 2026 |
| Last Updated | Mar 9, 2026 |
Stay Ahead of the Next One
Get instant alerts for imagination technologies graphics ddk
Be the first to know when new medium vulnerabilities affecting imagination technologies graphics ddk are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Imagination Technologies / Graphics DDK
1.17 RTM 1.18 RTM 23.2 RTM 24.1 RTM ≤ 25.1 RTM