7.3
CVE-2026-23236
- EPSS 0.01%
- Veröffentlicht 04.03.2026 14:36:40
- Zuletzt bearbeitet 02.04.2026 15:16:24
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
fbdev: smscufx: properly copy ioctl memory to kernelspace
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.2 < 5.10.251
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.201
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.164
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.127
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.74
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.13
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.018 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.3 | 1.8 | 5.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
|