HarborGuard / CVE
Back to search
HIGHCVE-2026-46197Published Modified CNA Linux

CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. (cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)

HarborGuard Analysis

HarborGuard analysis

Synopsis

An out-of-bounds buffer access vulnerability exists in the Linux kernel's AMD GPU driver (drm/amdkfd), specifically in the SVM (Shared Virtual Memory) ioctl handler. The flaw is reachable locally by a low-privileged user who can submit crafted ioctl calls with a manipulated attribute count (nattr) field that exceeds the actual buffer size. Successful exploitation gives an attacker full read, write, and crash capability over the affected host. A patched-image rebuild is available on HarborGuard for environments running affected kernel versions.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream Linux kernel and NVD feeds within minutes of publication and matched against customer images, including custom-built images that carry vulnerable kernel versions. Any image whose kernel version falls within the affected range is flagged automatically in the customer registry and CI pipeline scan.

Available
Triage

HarborGuard scores this CVE at CVSS 7.8 HIGH (vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and surfaces it with per-environment compliance policy weighting to route the finding to the appropriate team inbox within each customer organization.

Available
Patch

A patched-image rebuild targeting fix versions 6.6.140, 6.12.90, and 6.18.32 (and the corresponding upstream commits) is available on HarborGuard for environments running an affected kernel version. For customers who opt into auto-remediation, HarborGuard performs a rebuild, runs a regression test suite, and opens a pull request against affected workloads automatically.

Available

Exploit Conditions

  • Network reachabilityNot required

    The attacker needs an existing shell or process on the host; no network path to the vulnerable code is required.

  • AuthenticationRequired

    Any low-privilege local account is sufficient to issue the crafted ioctl; no elevated or administrative credentials are needed.

  • Victim interactionNot required

    No user interaction is required; the attacker triggers the vulnerability entirely through their own process.

  • Attack complexityDetail

    Exploit reliability is high and the attack is condition-free, with no race conditions or special memory layout requirements needed.

Blast Radius

  • A successful attacker reads arbitrary kernel memory, including credentials, keys, and session data accessible to the kernel at the time of the read.
  • The attacker writes to arbitrary kernel memory, enabling privilege escalation to root or modification of security-relevant kernel state.
  • The attacker crashes the affected kernel, taking down all workloads running on that host.
  • Any container sharing the host kernel is exposed to the same impact, since the vulnerability sits in a kernel driver rather than userspace.

How HarborGuard Handles This

Available on HarborGuard: detection fires within minutes of ingestion for any image carrying a kernel version in the affected range, including custom-built images. Where compliance policy permits, a patched-image rebuild at the fixed kernel versions (6.6.140, 6.12.90, or 6.18.32, depending on the branch in use) becomes available immediately. For customers with auto-remediation enabled, HarborGuard triggers a rebuild, runs the regression suite, and opens a PR against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in environments with auto-remediation enabled. For environments where auto-remediation is not permitted, HarborGuard surfaces the finding with CVSS context and fix-version details so teams can schedule a manual kernel update. As an interim compensating control, restricting access to the AMD GPU device nodes (for example via device cgroup rules or by removing unnecessary GPU access from container definitions) limits exposure to workloads that actually require the drm/amdkfd interface.

See how HarborGuard automates this

Metrics

CVSS v3.1
7.8
Severity
HIGH
Fixed in
0
Affected Products
2

Fix available

0045e0ff208f0838a246c10204105126611b267a16.6.1406.12.906.18.326abd3a4417cb73a7d0db7e25bf11fae1074bdba37.0.97.1-rc291c6dc5a41695d02dfc6299f106ac38a6c493e52ccd060b5c7cc75ae7e211c250b97c5b6272e7efcdb9530a9873a7c85d2266a922589ebcf427fa631
Affected packages
  • Linux / Linux
    < 91c6dc5a41695d02dfc6299f106ac38a6c493e52 (from 42de677f79999791bee4e21be318c32d90ab62c6) · < ccd060b5c7cc75ae7e211c250b97c5b6272e7efc (from 42de677f79999791bee4e21be318c32d90ab62c6) · < db9530a9873a7c85d2266a922589ebcf427fa631 (from 42de677f79999791bee4e21be318c32d90ab62c6) · < 6abd3a4417cb73a7d0db7e25bf11fae1074bdba3 (from 42de677f79999791bee4e21be318c32d90ab62c6) · < 045e0ff208f0838a246c10204105126611b267a1 (from 42de677f79999791bee4e21be318c32d90ab62c6)
  • Linux / Linux
    5.14
    Fixed in 0, 6.6.140, 6.12.90, 6.18.32, 7.0.9, 7.1-rc2
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References