5.5

CVE-2026-43400

drm/amdgpu: add upper bound check on user inputs in signal ioctl

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and
could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES
which is big enough value for genuine use cases and could
potentially avoid OOM.

(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.16 < 6.18.19
LinuxLinux Kernel Version >= 6.19 < 6.19.9
LinuxLinux Kernel Version7.0 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.026
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/6fff5204d8aa26b1be50b6427f833bd3e8899c4f
Patch
https://git.kernel.org/stable/c/46630d966b99b0fc6cb01fef4110587f3375a0c0
Patch
https://git.kernel.org/stable/c/ea78f8c68f4f6211c557df49174c54d167821962
Patch