GHSA-q4g6-xq34-4jxwMediumCVSS 5.5
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound...
🔗 CVE IDs covered (1)
📋 Description
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add upper bound check on user inputs in signal ioctl
Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and could be exploited.
So check these input value against AMDGPU_USERQ_MAX_HANDLES which is big enough value for genuine use cases and could potentially avoid OOM.
(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-43400
- https://git.kernel.org/stable/c/46630d966b99b0fc6cb01fef4110587f3375a0c0
- https://git.kernel.org/stable/c/6fff5204d8aa26b1be50b6427f833bd3e8899c4f
- https://git.kernel.org/stable/c/ea78f8c68f4f6211c557df49174c54d167821962
- https://github.com/advisories/GHSA-q4g6-xq34-4jxw