Description

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very small value in GPU shader code can cause a segmentation fault in the GPU shader compiler due to am out-of-bounds write.

Severity (CVSS)

Base score7.7
SeverityHigh
VersionCVSS 3.1
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Provided byCISA-ADP

Weaknesses

  • CWE-823 — CWE-823: Use of Out-of-range Pointer Offset (4.16)

Affected products

VendorProductVersions
Imagination TechnologiesGraphics DDK1.18 RTM; 23.2 RTM; 24.1 RTM to <=24.2 RTM; 25.1 RTM to <=25.3 RTM; 26.1 RTM

References

Authoritative sources

This page is a snapshot. For the latest enrichment and updates, view the record on CVE.org or the NVD.

Generated from the official CVE List on 27 Jun 2026 07:02 UTC.