CVE-2026-45195

GPU DDK - rgxfw_set_mips_fault_address(&psInit->sFaultPhysAddr) is untrusted

CVSS 7.8 HIGHEPSS 0.1%CWE-280

Vexday Risk Score

21Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 7.8EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

26 jun 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Imagination Technologies · Graphics DDK

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.imaginationtech.com/gpu-driver-vulnerabilities/