7.8
CVE-2026-45195
- EPSS 0.11%
- Veröffentlicht 26.06.2026 15:18:20
- Zuletzt bearbeitet 29.06.2026 18:44:21
- Quelle 367425dc-4d06-4041-9650-c2dc6a
- CVE-Watchlists
- Unerledigt
GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Imaginationtech ≫ Ddk Version <= 25.3
Imaginationtech ≫ Ddk Version26.1 Updatertm1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.013 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-280 Improper Handling of Insufficient Permissions or Privileges
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
https://www.imaginationtech.com/gpu-driver-vulnerabilities/