CVE-2026-46230
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel has been resolved that allowed out-of-bounds (OOB) reads when parsing decoder messages in the amdgpu vcn3 module. Boundary checks have been implemented to prevent these reads.
Risk Assessment
Organizations may be exposed to unauthorized memory access, potentially leading to sensitive data disclosure or system instability.
Recommendation
It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and secure the system against potential attacks.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg.

