CVE-2026-46197
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel has been resolved, concerning the validation of the nattr field in the SVM ioctl against the buffer size. This prevents out-of-bounds buffer access via user-controlled attribute count.
Risk Assessment
Organizations may be exposed to attacks that exploit this vulnerability for unauthorized memory access, potentially leading to data leaks or system instability.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. (cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)

