CVE-2026-43400

EUVD-2026-28706
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and
could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES
which is big enough value for genuine use cases and could
potentially avoid OOM.

(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.19.14-1
fixed
sid
7.0.4-1
fixed
trixie
vulnerable
trixie (security)
vulnerable
References
https://git.kernel.org/stable/c/46630d966b99b0fc6cb01fef4110587f3375a0c0
https://git.kernel.org/stable/c/6fff5204d8aa26b1be50b6427f833bd3e8899c4f
https://git.kernel.org/stable/c/ea78f8c68f4f6211c557df49174c54d167821962