HIGHCVE-2026-23424Published Modified CNA Linux
CVE-2026-23424: accel/amdxdna: Validate command buffer payload count
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space.
Metrics
- CVSS v3.1
- 7.1
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
03464e751755172ddbb849c1bd92f5f59e95c59a13ed2ae6b3fe869f99b75afd02045ba5c0c0773e26.18.176.19.77.0901ec3470994006bc8dd02399e16b675566c3416
Affected packages
- Linux / Linux< 3464e751755172ddbb849c1bd92f5f59e95c59a1 (from aac243092b707bb3018e951d470cc1a9bcbaba6c) · < 3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2 (from aac243092b707bb3018e951d470cc1a9bcbaba6c) · < 901ec3470994006bc8dd02399e16b675566c3416 (from aac243092b707bb3018e951d470cc1a9bcbaba6c)
- Linux / Linux6.14Fixed in 0, 6.18.17, 6.19.7, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H