CVE-2026-46218

EUVD-2026-32845
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Add bounds checking to ib_{get,set}_value

The uvd/vce/vcn code accesses the IB at predefined offsets without
checking that the IB is large enough. Check the bounds here. The caller
is responsible for making sure it can handle arbitrary return values.

Also make the idx a uint32_t to prevent overflows causing the condition
to fail.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.2 ≤
𝑥
< 6.1.175
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.140
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.90
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.32
linuxlinux_kernel
6.19 ≤
𝑥
< 7.0.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.176-1
fixed
bookworm (security)
6.1.176-1
fixed
bullseye
vulnerable
bullseye (security)
vulnerable
forky
7.1.3-1
fixed
sid
7.1.3-1
fixed
trixie
6.12.94-1
fixed
trixie (security)
6.12.95-1
fixed
linux-6.1
bullseye (security)
6.1.176-1~deb11u1
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
kernel
Azure Linux 3.0
0:6.6.141.1-1.azl3
fixed