Skip to main content

Imagination Graphics DDK CVE-2026-45195

| EUVDEUVD-2026-39787 HIGH
Improper Handling of Insufficient Permissions or Privileges (CWE-280)
2026-06-26 imaginationtech GHSA-hwpp-2m5q-2cw8
7.8
CVSS 3.1 · Vendor: imaginationtech
Share

Severity by source

Vendor (imaginationtech) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Local kernel-level access in the Host VM gives AV:L/PR:L; firmware accessing host memory beyond the host kernel's permitted range crosses an authority boundary, justifying S:C with full C/I/A impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N

Primary rating from Vendor (imaginationtech).

CVSS VectorVendor: imaginationtech

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jun 26, 2026 - 20:23 vuln.today
CVSS changed
Jun 26, 2026 - 20:22 NVD
7.8 (HIGH)
CVE Published
Jun 26, 2026 - 15:18 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel.

Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system.

AnalysisAI

Improper privilege handling in Imagination Technologies' Graphics DDK GPU driver lets privileged kernel code inside a Host VM submit crafted commands to the GPU firmware, coercing the firmware into reading or writing host memory outside the range the host kernel is permitted to touch. Affecting Graphics DDK 1.18, 23.2, 24.2, 25.1-25.3 and 26.1 RTM, the flaw enables out-of-bounds host memory access (information disclosure and corruption) through the firmware's elevated memory privileges. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain kernel-level execution in Host VM
Delivery
Craft GPU command with out-of-range addresses
Exploit
Submit command to GPU firmware
Execution
Firmware performs privileged out-of-bounds access
Impact
Read or corrupt host memory beyond permitted range

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to already be running kernel-mode software inside the Host VM (i.e., local, kernel/driver-level privileges on the host - reflected by AV:L and PR:L), and the target system must use one of the affected Graphics DDK versions (1.18, 23.2, 24.2, 25.1-25.3, or 26.1 RTM) with a GPU firmware path that accepts host-kernel-supplied addresses without re-validating them against the host kernel's permitted range. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H = 7.8 High) describes a local attack of low complexity requiring some privileges and no user interaction, with high confidentiality, integrity and availability impact - consistent with code that already runs as kernel software inside the Host VM abusing the GPU firmware path. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already achieved kernel-level code execution inside the Host VM (for example via a separate local privilege escalation or as a malicious/compromised driver) crafts GPU command stream entries containing memory addresses outside its permitted range. The GPU firmware accepts these addresses and performs reads or writes using its more privileged memory access, letting the attacker exfiltrate or corrupt host memory it should not reach. …
Remediation No exact fixed version is provided in the input, so the actionable step is to consult Imagination's GPU driver vulnerability advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/ and obtain the patched Graphics DDK build from your SoC/platform integrator, prioritizing systems running the listed 1.18, 23.2, 24.2, 25.1-25.3 and 26.1 RTM releases (the '≤25.3 RTM' boundary suggests a fix exists in a later 25.x build, but the patched version is not independently confirmed from available data). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running Graphics DDK versions 1.18, 23.2, 24.2, 25.1-25.3, or 26.1 RTM; prioritize virtualized/Host VM deployments. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-41157 CRITICAL
9.8 Jun 12

Out-of-bounds write in the Imagination Technologies Graphics DDK (GPU user-space driver) can be triggered when a victim

CVE-2026-21732 CRITICAL
9.6 Mar 20

GPU shader compiler memory corruption via malicious shader code allows remote code execution when the compiler runs with

CVE-2026-34195 HIGH
8.8 Jun 12

Out-of-bounds kernel write in Imagination Technologies Graphics DDK (PowerVR GPU driver) allows a local non-privileged p

CVE-2026-41154 HIGH
7.8 Jul 10

Out-of-bounds kernel memory read/write in Imagination Technologies Graphics DDK (the driver kit for PowerVR GPUs) allows

CVE-2026-7639 HIGH
7.8 Jul 10

Local memory-corruption escalation in Imagination Technologies' Graphics DDK (the PowerVR GPU driver stack) lets an unpr

CVE-2026-34196 HIGH
7.8 Jul 10

Local privilege escalation in Imagination Technologies' Graphics DDK (PowerVR GPU driver) lets a non-privileged user tri

CVE-2026-45196 HIGH
7.8 Jul 10

Privilege escalation in Imagination Technologies' Graphics DDK GPU driver allows kernel-level software inside a Host VM

CVE-2026-45203 HIGH
7.8 Jul 10

Local privilege escalation and memory corruption in Imagination Technologies Graphics DDK (PowerVR GPU driver kit) lets

CVE-2026-41158 HIGH
7.8 Jun 12

Local privilege escalation in Imagination Technologies Graphics DDK (GPU kernel driver) allows non-privileged users to i

CVE-2026-22163 HIGH
7.8 Mar 20

Unsafe IOCTL handling in the DDK kernel module allows local attackers with limited privileges to bypass GPU memory prote

CVE-2026-21734 HIGH
7.7 Jun 26

Out-of-bounds write in Imagination Technologies' Graphics DDK GPU shader compiler lets a crafted web page containing unu

CVE-2026-41156 HIGH
7.7 Jun 19

Local privilege escalation and denial of service in Imagination Technologies Graphics DDK arises from a write use-after-

Share

CVE-2026-45195 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy