CVE-2026-21736 | THREATINT

Description

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory resource.

PUBLISHED Reserved 2026-01-05 | Published 2026-03-09 | Updated 2026-03-09 | Assigner imaginationtech

Problem types

CWE-280: Improper Handling of Insufficient Permissions or Privileges

Product status

Default status

unknown

1.17 RTM (custom)

affected

1.18 RTM (custom)

affected

23.2 RTM (custom)

affected

24.1 RTM (custom)

affected

25.2 RTM (custom)

unaffected

26.1 RTM (custom)

unaffected

References

www.imaginationtech.com/gpu-driver-vulnerabilities/

cve.org (CVE-2026-21736)

nvd.nist.gov (CVE-2026-21736)

Download JSON

help @ threatint.eu