CVE-2026-34195

CVE-2026-34195: GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes

Vendor Imagination Technologies
Product Graphics DDK
Weakness CWE-787
Published June 12, 2026
Last update June 15, 2026

CVSS base score

What the vulnerability does

01Description

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping.

Key dates

02Disclosure timeline

June 12, 2026 CVE published
June 15, 2026 Record updated