5.5

CVE-2026-43398

drm/amdgpu: add upper bound check on user inputs in wait ioctl

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in wait ioctl

Huge input values in amdgpu_userq_wait_ioctl can lead to a OOM and
could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES
which is big enough value for genuine use cases and could
potentially avoid OOM.

v2: squash in Srini's fix

(cherry picked from commit fcec012c664247531aed3e662f4280ff804d1476)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.16 < 6.18.19
LinuxLinux Kernel Version >= 6.19 < 6.19.9
LinuxLinux Kernel Version7.0 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.026
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/b1d10508da559da2e0ca9cca6505094a7df948e1
Patch
https://git.kernel.org/stable/c/3cd93bc695b3456f26f5ed52753d9071da26202a
Patch
https://git.kernel.org/stable/c/64ac7c09fc44985ec9bb6a9db740899fa40ca613
Patch