CVE Catalog

CVE-2026-46311

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability in the drm/amdgpu/userq driver allows access to a stale wptr mapping. The fix uses drm_exec to lock both vm root bo and wptr_obj bo simultaneously, preventing a race condition during queue creation.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized access to kernel memory, potentially leading to privilege escalation or data leakage.

Recommendation

Immediately update the Linux kernel to a version containing commit 1fc6c8ab45dbee096469c08c13f6099d57a52d6c or later.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm_exec to take both locks i.e vm root bo and wptr_obj bo to access the mapping data properly. This fixes the security issue of unmap the wptr_obj while a queue creation is in progress and passing other bo at same address. (cherry picked from commit 1fc6c8ab45dbee096469c08c13f6099d57a52d6c)

Vulnerability data from NVD (NIST) · CISA KEV · EPSS