CVE-2026-43206
Out-of-Bounds Write in Linux Kernel AMDKFD Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel within the drm/amdkfd component, specifically in the kfd_event_page_set() function.
The function writes a fixed amount of bytes (KFD_SIGNAL_EVENT_LIMIT * 8) using memset without verifying the actual size of the buffer provided.
Because of this lack of boundary checking, an unprivileged userspace process can supply a smaller buffer and cause an out-of-bounds write in kernel memory.
This out-of-bounds write can potentially lead to privilege escalation.
How can this vulnerability impact me? :
The vulnerability allows unprivileged userspace to perform an out-of-bounds write in kernel memory.
This can lead to privilege escalation, meaning an attacker could gain higher-level access or control over the system than intended.
Such unauthorized privilege escalation can compromise system security, potentially allowing attackers to execute arbitrary code, access sensitive data, or disrupt system operations.