CVE-2026-23280
Integer Overflow in Linux Kernel amdxdna Component Causes Memory Corruption
Publication date: 2026-03-25
Last updated on: 2026-04-02
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel within the accel/amdxdna component. It involves a potential overflow in the calculation of the ubuf size, which can cause the size to wrap around and result in an allocation that is smaller than intended.
Because of this undersized allocation, memory corruption may occur. The vulnerability is addressed by using check_add_overflow() helper functions to ensure the size calculation does not overflow before memory allocation.
How can this vulnerability impact me?
The vulnerability can lead to memory corruption due to an undersized memory allocation caused by an overflow in the ubuf size calculation.
Memory corruption can cause unpredictable behavior in the system, including crashes, data corruption, or potentially exploitable conditions that could be leveraged by attackers to compromise system integrity.
What immediate steps should I take to mitigate this vulnerability?
This vulnerability is a ubuf size overflow in the Linux kernel's accel/amdxdna component that may cause memory corruption. To mitigate it, update your Linux kernel to a version in which the issue has been resolved.
The fix involves using check_add_overflow() helpers to validate size calculations before allocation, preventing the overflow.
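The size wraparound and the check_add_overflow() guard described above, shown as an added userspace C example that is not the amdxdna driver's code. It assumes the size is built up as a sum of user-supplied lengths, uses a hypothetical `struct region`, and stands in for the kernel helper with the compiler's `__builtin_add_overflow`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel's check_add_overflow(a, b, d):
 * returns true on overflow, otherwise stores a + b in *d. */
#define check_add_overflow(a, b, d) __builtin_add_overflow((a), (b), (d))

/* Hypothetical descriptor for one user-supplied region (assumption). */
struct region { uint64_t len; };

/* Constructed sample inputs: the first pair sums past 2^64. */
static const struct region wrapping[] = { { UINT64_MAX - 0xfff }, { 0x2000 } };
static const struct region sane[]     = { { 0x1000 }, { 0x3000 } };

/* Unchecked: the total silently wraps modulo 2^64. */
static uint64_t total_unchecked(const struct region *r, size_t n)
{
    uint64_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += r[i].len;
    return total;
}

/* Checked: returns 0 and stores the total, or -1 if any addition overflows. */
static int total_checked(const struct region *r, size_t n, uint64_t *out)
{
    uint64_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (check_add_overflow(total, r[i].len, &total))
            return -1; /* reject before any allocation happens */
    }
    *out = total;
    return 0;
}

int main(void)
{
    uint64_t sz = 0;
    printf("unchecked total: 0x%llx\n",
           (unsigned long long)total_unchecked(wrapping, 2));
    if (total_checked(wrapping, 2, &sz))
        printf("checked: wrapping input rejected\n");
    if (total_checked(sane, 2, &sz) == 0)
        printf("checked: sane total 0x%llx\n", (unsigned long long)sz);
    return 0;
}
```

The unchecked sum for the wrapping input is a single page (0x1000) even though the regions claim far more, which is the undersized-allocation condition; the checked version refuses the input instead.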