CVE Catalog

CVE-2026-46197

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability in the Linux kernel has been resolved, concerning the validation of the nattr field in the SVM ioctl against the buffer size. This prevents out-of-bounds buffer access via user-controlled attribute count.

Risk Assessment

Organizations may be exposed to attacks that exploit this vulnerability for unauthorized memory access, potentially leading to data leaks or system instability.

Recommendation

It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. (cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS