CVE-2026-34192— GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationAffected Version Matrix 5
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Imagination Technologies | Graphics DDK | 1.18 RTM | affected |
23.2 RTM | affected | ||
24.2 RTM | affected | ||
25.1 RTM≤ 25.3 RTM | affected | ||
26.1 RTM | unaffected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-34192
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GPU DDK - _MMU_AllocLevel error recovery paths leave dangling page table entries
Source: NVD (National Vulnerability Database)
Vulnerability Description
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not cleanup properly before freeing the physical allocation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Imagination Technologies | Graphics DDK | 1.18 RTM | - |
II. Public POCs for CVE-2026-34192
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-34192
请登录查看更多情报信息。
News Coverage for CVE-2026-34192 (1)
IV. Related Vulnerabilities
Same product: Graphics DDK
- CVE-2026-45195
GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAd - CVE-2026-21734
GPU DDK - libusc OOB write at TreeRemove during WebGPU shade - CVE-2026-41156
GPU DDK - kernel<->fw CCB contains SYNC_PRIMITIVE_BLOCK firm - CVE-2026-41158
GPU DDK - Backed sparse PMRs are not handled by deferred fre - CVE-2026-41157
GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D
Same vendor: Imagination Technologies
- CVE-2026-45195
GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAd - CVE-2026-21734
GPU DDK - libusc OOB write at TreeRemove during WebGPU shade - CVE-2026-41156
GPU DDK - kernel<->fw CCB contains SYNC_PRIMITIVE_BLOCK firm - CVE-2026-41158
GPU DDK - Backed sparse PMRs are not handled by deferred fre - CVE-2026-41157
GPU DDK - OOB Write in CalculateNPOTTwiddleSparsePageMap3D
Same weakness: CWE-416
V. Comments for CVE-2026-34192
No comments yet