CVE-2026-34194

HIGH 7.1

GPU DDK - UAF read and/or write to arbitrary physical pages in DevmemIntChangeSparse due to incorrect calculation of the virtual index count

CVSS Score

7.1

EPSS Score

0.0%

EPSS Percentile

0th

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.

CWE	CWE-468
Vendor	imagination technologies
Product	graphics ddk
Published	Jun 8, 2026
Last Updated	Jun 8, 2026

Stay Ahead of the Next One

Get instant alerts for imagination technologies graphics ddk

Be the first to know when new high vulnerabilities affecting imagination technologies graphics ddk are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Imagination Technologies / Graphics DDK

24.2 RTM 25.1 RTM ≤ 25.3 RTM 26.1 RTM

References

NVD ↗ CVE.org ↗ EPSS Data ↗

imaginationtech.com: https://www.imaginationtech.com/gpu-driver-vulnerabilities/