CVE-2026-43398
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add upper bound check on user inputs in wait ioctl
Huge input values in amdgpu_userq_wait_ioctl can lead to a OOM and could be exploited.
So check these input value against AMDGPU_USERQ_MAX_HANDLES which is big enough value for genuine use cases and could potentially avoid OOM.
v2: squash in Srini's fix
(cherry picked from commit fcec012c664247531aed3e662f4280ff804d1476)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a292fdecd72834b3bec380baa5db1e69e7f70679 < b1d10508da559da2e0ca9cca6505094a7df948e1 | affected |
| Linux | Linux | a292fdecd72834b3bec380baa5db1e69e7f70679 < 3cd93bc695b3456f26f5ed52753d9071da26202a | affected |
| Linux | Linux | a292fdecd72834b3bec380baa5db1e69e7f70679 < 64ac7c09fc44985ec9bb6a9db740899fa40ca613 | affected |
| Linux | Linux | 6.16 | affected |
| Linux | Linux | 0 < 6.16 | unaffected |
| Linux | Linux | 6.18.19 <= 6.18.* | unaffected |
| Linux | Linux | 6.19.9 <= 6.19.* | unaffected |
| Linux | Linux | 7.0 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/b1d10508da559da2e0ca9cca6505094a7df948e1
- https://git.kernel.org/stable/c/3cd93bc695b3456f26f5ed52753d9071da26202a
- https://git.kernel.org/stable/c/64ac7c09fc44985ec9bb6a9db740899fa40ca613
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.