Cyber Resilience

CVE-2026-22167

HighUpdated

Published: 01 May 2026

Published
01 May 2026
Modified
01 June 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 0.6th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-22167 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Imaginationtech Ddk. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-22167 is a memory corruption vulnerability in GPU drivers from Imagination Technologies, stemming from improper GPU system calls. Software installed and executed as a non-privileged user can force the GPU to write to arbitrary physical memory pages, including those not allocated by the GPU driver. This includes data pages used by the kernel and other drivers, potentially altering their behavior, as well as restricted internal GPU buffers, resulting in second-order arbitrary physical memory corruption. The issue is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

A local attacker with low privileges can exploit this vulnerability by running malicious software that issues the improper system calls. Successful exploitation enables the GPU to perform unauthorized write operations, leading to corruption of kernel memory pages and drivers, which can compromise system integrity, confidentiality, and availability at a high level. No user interaction is required, and the attack is straightforward given the low attack complexity.

Imagination Technologies has published details on mitigations and related GPU driver vulnerabilities at https://www.imaginationtech.com/gpu-driver-vulnerabilities/. Security practitioners should consult this advisory for patch information and hardening guidance specific to affected driver versions.

EU & UK References

Vulnerability details

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the…

more

GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local low-privileged memory corruption in GPU driver enables direct kernel/driver memory writes for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-58411Same product: Imaginationtech Ddk
CVE-2026-22163Same product: Imaginationtech Ddk
CVE-2025-13952Same product: Imaginationtech Ddk
CVE-2025-10865Same product: Imaginationtech Ddk
CVE-2026-22165Same product: Imaginationtech Ddk
CVE-2026-22166Same product: Imaginationtech Ddk
CVE-2025-25176Same product: Imaginationtech Ddk
CVE-2026-21732Same product: Imaginationtech Ddk
CVE-2024-47796Shared CWE-119
CVE-2025-15411Shared CWE-119

Affected Assets

imaginationtech
ddk
25.3 · ≤ 25.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SI-16 enforces memory protection mechanisms that directly prevent unauthorized GPU writes to arbitrary physical memory pages, including kernel memory, mitigating the core memory corruption vulnerability.

prevent

SI-2 requires timely remediation of the specific GPU driver flaw allowing improper system calls from non-privileged users to trigger arbitrary memory writes.

prevent

CM-11 restricts or prohibits user-installed software, preventing execution of the malicious programs that issue improper GPU system calls to exploit the vulnerability.

References