{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41158", "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "state": "PUBLISHED", "assignerShortName": "imaginationtech", "dateReserved": "2026-04-17T16:26:03.731Z", "datePublished": "2026-06-12T21:57:29.607Z", "dateUpdated": "2026-06-12T21:57:29.607Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech", "dateUpdated": "2026-06-12T21:57:29.607Z"}, "title": "GPU DDK - Backed sparse PMRs are not handled by deferred free mechanism after shrink", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-416", "description": "CWE-416: Use After Free", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-124", "descriptions": [{"lang": "en", "value": "CAPEC-124: Shared Resource Manipulation"}]}], "affected": [{"vendor": "Imagination Technologies", "product": "Graphics DDK", "platforms": ["Linux", "Android"], "versions": [{"status": "unaffected", "version": "1.18 RTM", "versionType": "custom"}, {"status": "unaffected", "version": "23.2 RTM", "versionType": "custom"}, {"status": "unaffected", "version": "24.2 RTM", "versionType": "custom"}, {"status": "affected", "version": "25.1 RTM", "lessThanOrEqual": "25.3 RTM", "versionType": "custom"}, {"status": "affected", "version": "26.1 RTM", "versionType": "custom"}, {"status": "unaffected", "version": "26.2 RTM", "versionType": "custom"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.\n\n\n\nPhysical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.\n<br>\n<br>Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.</p>"}]}], "references": [{"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages.\n\n\n\nPhysical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource."}], "id": "CVE-2026-41158", "lastModified": "2026-06-12T22:16:50.693", "metrics": {}, "published": "2026-06-12T22:16:50.693", "references": [{"source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"}], "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["linux", "android"], "status": "unaffected", "versions": {"scheme": "generic", "value": "1.18 RTM"}}, {"platform": ["linux", "android"], "status": "unaffected", "versions": {"scheme": "generic", "value": "23.2 RTM"}}, {"platform": ["linux", "android"], "status": "unaffected", "versions": {"scheme": "generic", "value": "24.2 RTM"}}, {"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "[25.1 RTM,25.3 RTM]"}}, {"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "26.1 RTM"}}, {"platform": ["linux", "android"], "status": "unaffected", "versions": {"scheme": "generic", "value": "26.2 RTM"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Graphics DDK", "source": "cna", "vendor": "Imagination Technologies"}, "product": "graphics_ddk", "vendor": "imaginationtech"}], "created": "2026-06-12T23:30:08.543562+00:00", "updated": "2026-06-13T12:29:47.528658+00:00", "vendors": ["imaginationtech", "imaginationtech$PRODUCT$graphics_ddk"]}