Skip to main content

Imagination Graphics DDK EUVDEUVD-2026-43037

| CVE-2026-7639 HIGH
Incomplete Cleanup (CWE-459)
2026-07-10 imaginationtech GHSA-q4g7-pm99-9f7g
7.8
CVSS 3.1 · Vendor: imaginationtech
Share

Severity by source

Vendor (imaginationtech) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Unprivileged local user with GPU access (AV:L, PR:L) reliably triggers the flaw (AC:L, UI:N); arbitrary physical memory access yields high C/I/A within an unchanged scope (S:U).

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (imaginationtech).

CVSS VectorVendor: imaginationtech

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Jul 13, 2026 - 19:32 vuln.today
CVSS changed
Jul 13, 2026 - 19:22 NVD
7.8 (HIGH)
CVE Published
Jul 10, 2026 - 20:50 cve.org
HIGH 7.8
CVE Published
Jul 10, 2026 - 20:50 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code.

Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete cleanup of an internal driver state, allowing for future unauthorized access to the contents of the physical memory.

AnalysisAI

Local memory-corruption escalation in Imagination Technologies' Graphics DDK (the PowerVR GPU driver stack) lets an unprivileged user trigger a use-after-free by issuing an improper sequence of GPU system calls. By forcing a failure path in the MMU mapping logic, an attacker leaves internal driver state incompletely cleaned up, enabling unauthorized read/write access to physical memory from shader code. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain unprivileged local code execution with GPU access
Delivery
Issue improper GPU syscall sequence
Exploit
Force failure in MMU mapping logic
Execution
Leave stale mapping (incomplete cleanup UAF)
Persist
Reuse dangling state from shader code
Impact
Read/write arbitrary physical memory

Vulnerability AssessmentAI

Exploitation Requires the ability to execute code as an unprivileged local user on a device using the Imagination Graphics DDK, and specifically the ability to submit GPU system calls and shader code (access to the GPU/compute interface) - consistent with CVSS PR:L and AV:L. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, base 7.8 HIGH) describes a local, low-complexity attack requiring only low (unprivileged-user) privileges and no user interaction, with high impact across all three properties - consistent with the description of an unprivileged local user achieving arbitrary physical memory access. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unprivileged local user or untrusted application on a device with a vulnerable PowerVR driver submits a crafted sequence of GPU system calls that forces an error in the MMU mapping path, leaving a stale mapping behind. The attacker then uses shader code against the dangling state to read and write physical memory outside its sandbox, escalating privileges or extracting other processes' secrets. …
Remediation Update the Imagination Graphics DDK to a fixed release per Imagination Technologies' GPU driver security advisory at https://www.imaginationtech.com/gpu-driver-vulnerabilities/; the input enumerates affected RTM builds (1.18, 23.2, 24.2, 25.1-25.3, 26.1 RTM1) but does not include an exact patched version, so the released patched version is not independently confirmed from the provided data and should be obtained from the vendor or SoC integrator. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory systems running Imagination Technologies PowerVR graphics DDK and assess which devices permit local user access, prioritizing automotive and industrial control systems. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-41157 CRITICAL
9.8 Jun 12

Out-of-bounds write in the Imagination Technologies Graphics DDK (GPU user-space driver) can be triggered when a victim

CVE-2026-21732 CRITICAL
9.6 Mar 20

GPU shader compiler memory corruption via malicious shader code allows remote code execution when the compiler runs with

CVE-2026-34195 HIGH
8.8 Jun 12

Out-of-bounds kernel write in Imagination Technologies Graphics DDK (PowerVR GPU driver) allows a local non-privileged p

CVE-2026-41154 HIGH
7.8 Jul 10

Out-of-bounds kernel memory read/write in Imagination Technologies Graphics DDK (the driver kit for PowerVR GPUs) allows

CVE-2026-34196 HIGH
7.8 Jul 10

Local privilege escalation in Imagination Technologies' Graphics DDK (PowerVR GPU driver) lets a non-privileged user tri

CVE-2026-45196 HIGH
7.8 Jul 10

Privilege escalation in Imagination Technologies' Graphics DDK GPU driver allows kernel-level software inside a Host VM

CVE-2026-45203 HIGH
7.8 Jul 10

Local privilege escalation and memory corruption in Imagination Technologies Graphics DDK (PowerVR GPU driver kit) lets

CVE-2026-45195 HIGH
7.8 Jun 26

Improper privilege handling in Imagination Technologies' Graphics DDK GPU driver lets privileged kernel code inside a Ho

CVE-2026-41158 HIGH
7.8 Jun 12

Local privilege escalation in Imagination Technologies Graphics DDK (GPU kernel driver) allows non-privileged users to i

CVE-2026-22163 HIGH
7.8 Mar 20

Unsafe IOCTL handling in the DDK kernel module allows local attackers with limited privileges to bypass GPU memory prote

CVE-2026-21734 HIGH
7.7 Jun 26

Out-of-bounds write in Imagination Technologies' Graphics DDK GPU shader compiler lets a crafted web page containing unu

CVE-2026-41156 HIGH
7.7 Jun 19

Local privilege escalation and denial of service in Imagination Technologies Graphics DDK arises from a write use-after-

Share

EUVD-2026-43037 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy