GHSA-vf2q-w6vq-3hq8unknown

Kernel software installed and running inside a Host VM may post improper commands to the GPU...

Published
July 10, 2026
Last Modified
July 10, 2026

🔗 CVE IDs covered (1)

📋 Description

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel.

A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but before use.

🔗 References (3)