CVE-2026-43400

EUVD-2026-28706
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and
could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES
which is big enough value for genuine use cases and could
potentially avoid OOM.

(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
6.16 ≤
𝑥
< 6.18.19
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.9
linuxlinux_kernel
7.0:rc1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.174-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.257-1
fixed
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.94-1
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.138.1-1.azl3
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/46630d966b99b0fc6cb01fef4110587f3375a0c0
https://git.kernel.org/stable/c/6fff5204d8aa26b1be50b6427f833bd3e8899c4f
https://git.kernel.org/stable/c/ea78f8c68f4f6211c557df49174c54d167821962