A high-severity memory corruption vulnerability in GPU memory mapping could allow for system-wide compromise if IOMMU mapping errors are not properly handled.

This vulnerability involves memory corruption occurring when initiating GPU memory mapping using scatter-gather lists. The root cause is a failure to check for IOMMU (Input-Output Memory Management Unit) mapping errors, which allows the system to proceed with invalid or corrupted memory pointers.

This vulnerability poses a significant risk to system integrity and stability. With a CVSS score of 7.8, a successful exploit could allow an attacker to trigger memory corruption, potentially leading to arbitrary code execution at the kernel or driver level. For businesses, this could result in complete system takeover, theft of data processed by the GPU (such as in AI or rendering workloads), and severe operational downtime.

Immediate Action: Install the latest GPU drivers and kernel updates from your hardware vendor to ensure proper IOMMU error handling is implemented.

Proactive Monitoring: Implement kernel-level auditing to detect IOMMU faults or unusual GPU memory allocation patterns.

Compensating Controls: Enable hardware-level security features such as IOMMU/VT-d in the BIOS/UEFI settings to provide an additional layer of isolation, though this may not fully mitigate a driver-level flaw.

Public Exploit Available: false

We recommend an immediate audit of all systems utilizing high-performance GPUs. Applying the latest driver and firmware updates is critical to closing this memory corruption vector. Organizations should prioritize patching systems used for sensitive data processing or high-availability services.