Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel.
A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but before use.
A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but before use.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.imaginationtech.com/gpu-driver-vulnerabilities/ |
|
History
Fri, 10 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but before use. | |
| Title | GPU DDK - rgxfw_hwperf_ufo() re-reads psCmdHeader->ui32CmdSize after initial check, TOCTOU | |
| Weaknesses | CWE-367 | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: imaginationtech
Published:
Updated: 2026-07-10T20:57:19.733Z
Reserved: 2026-05-11T10:58:04.163Z
Link: CVE-2026-45203
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses