CVE-2026-22164 PUBLISHED

GPU DDK - Kernel heap OOB write in DevmemIntComputeVirtualIndicesFromLogical

Assigner: imaginationtech
Reserved: 06.01.2026 Published: 08.06.2026 Updated: 08.06.2026

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory.

By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory.

Product Status

Vendor Imagination Technologies
Product Graphics DDK
Versions Default: unknown
  • Version 1.18 RTM is unaffected
  • Version 23.2 RTM is unaffected
  • Version 24.2 RTM is affected
  • affected from 25.1 RTM to 25.3 RTM (incl.)
  • Version 26.1 RTM is affected

References

Problem Types

  • CWE-122: Heap-based Buffer Overflow (4.16) CWE

Impacts

  • CAPEC-113: Interface Manipulation (Version 3.9)