CVE-2026-46218
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel related to bounds checking in the uvd/vce/vcn code has been resolved, which accesses the IB at predefined offsets.
Risk Assessment
Insufficient bounds checking may lead to unexpected system behavior, posing risks to system stability and security.
Recommendation
It is recommended to update the Linux kernel to the latest version to benefit from the fixes addressing this vulnerability.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ib_{get,set}_value The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can handle arbitrary return values. Also make the idx a uint32_t to prevent overflows causing the condition to fail.

