Imagination Graphics DDK up to 24.2 RTM/25.3 RTM/26.1 RTM incorrect pointer scaling
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability identified as problematic has been detected in Imagination Graphics DDK up to 24.2 RTM/25.3 RTM/26.1 RTM. This affects an unknown part. This manipulation causes incorrect pointer scaling. This vulnerability is tracked as CVE-2026-34194. No exploit exists. You should upgrade the affected component.
Details
A vulnerability classified as problematic was found in Imagination Graphics DDK up to 24.2 RTM/25.3 RTM/26.1 RTM. Affected by this vulnerability is some unknown functionality. The manipulation with an unknown input leads to a incorrect pointer scaling vulnerability. The CWE definition for the vulnerability is CWE-468. In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.
The advisory is shared at imaginationtech.com. This vulnerability is known as CVE-2026-34194 since 03/26/2026. Neither technical details nor an exploit are publicly available.
Upgrading to version 1.18 RTM or 23.2 RTM eliminates this vulnerability.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔒VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔒
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploiting
Class: Incorrect pointer scalingCWE: CWE-468
CAPEC: 🔒
ATT&CK: 🔒
Physical: No
Local: No
Remote: Partially
Availability: 🔒
Status: Not defined
EPSS Score: 🔒
EPSS Percentile: 🔒
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔒
Upgrade: Graphics DDK 1.18 RTM/23.2 RTM
Timeline
03/26/2026 CVE reserved06/08/2026 Advisory disclosed
06/08/2026 VulDB entry created
06/08/2026 VulDB entry last update
Sources
Advisory: imaginationtech.comStatus: Confirmed
CVE: CVE-2026-34194 (🔒)
GCVE (CVE): GCVE-0-2026-34194
GCVE (VulDB): GCVE-100-369217
Entry
Created: 06/08/2026 17:53Changes: 06/08/2026 17:53 (53)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.