CVE Catalog

CVE-2026-41156

HighCVSS 7.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

2th percentile - higher than 2% of all known CVEs

Summary

Software running as a non-privileged user may conduct improper GPU system calls, leading to mismanagement of resources and a write use after free scenario.

Risk Assessment

The organization may face security issues that could lead to unauthorized memory access and potential system crashes.

Recommendation

It is recommended to monitor and restrict access to GPU resources and update software to minimize the risk of this vulnerability.

Original NVD description (English source)

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource (memory page) managed by a CPU thread of control (driver) and accessed by a GPU thread of control (Firmware) can cause a write UAF when the CPU thread frees the resource before the GPU FW has finished accessing it.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS