CVE-2026-23424

HIGH

accel/amdxdna: Validate command buffer payload count

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space.

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1

https://git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2

https://git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 3.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

Status published

Products (12)

Linux/Linux < 6.14

Linux/Linux 6.14

Linux/Linux 6.18.17 - 6.18.*

Linux/Linux 6.19.7 - 6.19.*

Linux/Linux 7.0

Linux/Linux 7.0-rc2

Linux/Linux aac243092b707bb3018e951d470cc1a9bcbaba6c - 3464e751755172ddbb849c1bd92f5f59e95c59a1

Linux/Linux aac243092b707bb3018e951d470cc1a9bcbaba6c - 3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2

Linux/Linux aac243092b707bb3018e951d470cc1a9bcbaba6c - 901ec3470994006bc8dd02399e16b675566c3416

linux/linux_kernel 6.14

... and 2 more

Published Apr 03, 2026

Tracked Since Apr 03, 2026