EUVD-2026-36630
GHSA-xvxw-65r3-5rcf
Lifecycle Timeline
1DescriptionCVE.org
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.
Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.
Analysis
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Threat intelligence, references, and detailed analysis are available after sign-in.
More from same product – last 7 days
Kernel heap memory corruption in Imagination Technologies Graphics DDK allows a non-privileged local user to crash or de
Local privilege escalation and integrity compromise in Imagination Technologies Graphics DDK (GPU driver) allows non-pri
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secur
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound
Share
External POC / Exploit Code
Leaving vuln.today