CVE-2026-23236
HIGHLinux Kernel 3.2-5.10.251 - Unauthenticated Memory Corruption via UFX_IOCTL_REPORT_DAMAGE
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.
References (8)
Core 8
Core References
Scores
CVSS v3
7.3
EPSS
0.0001
EPSS Percentile
1.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Details
Status
published
Products (20)
Linux/Linux
< 3.2
Linux/Linux
3.2
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 061cfeb560aa3ddc174153dbe5be9d0b55eb7248
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 0634e8d650993602fc5b389ff7ac525f6542e141
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 120adae7b42faa641179270c067864544a50ab69
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 1c008ad0f0d1c1523902b9cdb08e404129677bfc
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 52917e265aa5f848212f60fc50fc504d8ef12866
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - 6167af934f956d3ae1e06d61f45cd0d1004bbe1a
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - a0321e6e58facb39fe191caa0e52ed9aab6a48fe
Linux/Linux
3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - f1e91bd4efeae48b0f42caed7e8ce2e3a0d05b02
... and 10 more
Published
Mar 04, 2026
Tracked Since
Mar 04, 2026