All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-41158
HIGHpublished 2026-06-12 22:16 UTC · 12 days ago · modified 2026-06-16 15:40 UTC
7.8
CVSS / 10
// description
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed the resource.
// cvss 3.1 vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
// weaknesses (CWE)
- CWE-416