CVE-2026-21733
Received Received - Intake
GPU Memory Protection Bypass Allows Write Access to Read-Only Memory

Publication date: 2026-04-17

Last updated on: 2026-04-23

Assigner: imaginationtech

Description
Vulnerability in Imagination Technologies Graphics DDK on Linux, Android --Β  RESERVED
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-17
Last Modified
2026-04-23
Generated
2026-05-07
AI Q&A
2026-04-17
EPSS Evaluated
2026-05-05
NVD
CVE-2026-21733
EUVD
EUVD-2026-23446
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-280 The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability occurs when software running as a non-privileged user improperly uses GPU system calls to gain write access to memory and files that are supposed to be read-only in user mode.

The root cause is improper handling of GPU memory reservation protections, which allows unauthorized modification of protected memory areas.


How can this vulnerability impact me? :

An attacker exploiting this vulnerability could gain write permissions to memory and files that should be read-only, potentially leading to unauthorized data modification or corruption.

This could compromise the integrity of applications or data, possibly allowing further exploitation or system instability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart