{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34192", "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "state": "PUBLISHED", "assignerShortName": "imaginationtech", "dateReserved": "2026-03-26T13:47:30.669Z", "datePublished": "2026-06-19T09:23:33.338Z", "dateUpdated": "2026-06-22T18:21:51.058Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech", "dateUpdated": "2026-06-19T09:23:33.338Z"}, "title": "GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-416", "description": "CWE-416: Use After Free (4.15)", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-124", "descriptions": [{"lang": "en", "value": "CAPEC-124: Shared Resource Manipulation (Version 3.9)"}]}], "affected": [{"vendor": "Imagination Technologies", "product": "Graphics DDK", "platforms": ["Linux", "Android"], "versions": [{"status": "affected", "version": "1.18 RTM", "versionType": "custom"}, {"status": "affected", "version": "23.2 RTM", "versionType": "custom"}, {"status": "affected", "version": "24.2 RTM", "versionType": "custom"}, {"status": "affected", "version": "25.1 RTM", "lessThanOrEqual": "25.3 RTM", "versionType": "custom"}, {"status": "unaffected", "version": "26.1 RTM", "versionType": "custom"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables.\n\n\n\nThe vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables.\n<br>\n<br>The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation."}]}], "references": [{"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-06-22T18:21:48.311801Z", "id": "CVE-2026-34192", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-22T18:21:51.058Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-124", "descriptions": [{"lang": "en", "value": "CAPEC-124: Shared Resource Manipulation (Version 3.9)"}]}], "affected": [{"vendor": "Imagination Technologies", "product": "Graphics DDK", "versions": [{"status": "affected", "version": "1.18 RTM", "versionType": "custom"}, {"status": "affected", "version": "23.2 RTM", "versionType": "custom"}, {"status": "affected", "version": "24.2 RTM", "versionType": "custom"}, {"status": "affected", "version": "25.1 RTM", "versionType": "custom", "lessThanOrEqual": "25.3 RTM"}, {"status": "unaffected", "version": "26.1 RTM", "versionType": "custom"}], "platforms": ["Linux", "Android"], "defaultStatus": "unknown"}], "references": [{"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables.\n\n\n\nThe vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation.", "supportingMedia": [{"type": "text/html", "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables.\n<br>\n<br>The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416: Use After Free (4.15)"}]}], "providerMetadata": {"orgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "shortName": "imaginationtech", "dateUpdated": "2026-06-19T09:23:33.338Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-34192", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-22T18:21:48.311801Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-06-22T18:21:34.529Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-34192", "state": "PUBLISHED", "dateUpdated": "2026-06-19T09:23:33.338Z", "dateReserved": "2026-03-26T13:47:30.669Z", "assignerOrgId": "367425dc-4d06-4041-9650-c2dc6aaa27ce", "datePublished": "2026-06-19T09:23:33.338Z", "assignerShortName": "imaginationtech"}, "dataVersion": "5.2"}

{}

{}

{"affected": [{"configurations": [{"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "1.18 RTM"}}, {"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "23.2 RTM"}}, {"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "24.2 RTM"}}, {"platform": ["linux", "android"], "status": "affected", "versions": {"scheme": "generic", "value": "[25.1 RTM,25.3 RTM]"}}, {"platform": ["linux", "android"], "status": "unaffected", "versions": {"scheme": "generic", "value": "26.1 RTM"}}], "enrichment": {"confidence": 86.0, "confidence_source": "matching", "scores": [{"score": 86.0, "source": "matching"}]}, "original": {"product": "Graphics DDK", "source": "cna", "vendor": "Imagination Technologies"}, "product": "graphics_ddk", "vendor": "imaginationtech"}], "created": "2026-06-19T10:30:15.900302+00:00", "updated": "2026-06-24T20:30:04.366114+00:00", "vendors": ["imaginationtech", "imaginationtech$PRODUCT$graphics_ddk"]}