CVE-2026-22163

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

20/03/2026

Last modified:

20/03/2026

Description

Requires malware code to misuse the DDK kernel module IOCTL interface.<br /> <br /> Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages.<br /> <br /> The product utilises a shared resource in a concurrent manner but does not attempt to synchronise access to the resource.

Impact

References to Advisories, Solutions, and Tools

https://www.imaginationtech.com/gpu-driver-vulnerabilities/