Home

Description

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete cleanup of an internal driver state, allowing for future unauthorized access to the contents of the physical memory.

PUBLISHED Reserved 2026-05-01 | Published 2026-07-10 | Updated 2026-07-13 | Assigner imaginationtech

Problem types

CWE-459: Incomplete Cleanup

Product status

Default status
unknown

1.18 RTM2 (custom)
affected

23.2 RTM2 (custom)
affected

24.2 RTM2 (custom)
affected

25.1 RTM2 (custom)
affected

26.1 RTM1 (custom)
affected

26.1 RTM2 (custom)
unaffected

References

www.imaginationtech.com/gpu-driver-vulnerabilities/

cve.org (CVE-2026-7639)

nvd.nist.gov (CVE-2026-7639)

Download JSON