CVE Catalog

CVE-2026-46006

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel related to a u32 overflow in the relocation bounds check in drm/nouveau. The issue occurs during offset validation, potentially leading to system instability.

Risk Assessment

This vulnerability could lead to unauthorized access or system destabilization, posing a serious threat to the integrity and availability of services within the organization.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and to monitor systems for potential exploits.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveau_gem_pushbuf_reloc_apply() validates each relocation with if (r->reloc_bo_offset + 4 > nvbo->bo.base.size) but reloc_bo_offset is __u32 (uapi/drm/nouveau_drm.h) and the integer literal 4 promotes to unsigned int, so the addition is performed in 32 bits and wraps before the comparison against the size_t bo size. Cast to u64 so the addition happens in 64-bit arithmetic. [ Add Fixes: tag. - Danilo ]

Vulnerability data from NVD (NIST) · CISA KEV · EPSS