CVE-2026-43400
Buffer Overflow Protection Bypass in AMDGPU Linux Kernel
Publication date: 2026-05-08
Last updated on: 2026-05-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| amd | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's AMD GPU driver, specifically in the drm/amdgpu component. It involves the amdgpu_userq_signal_ioctl function, where very large input values can cause an out-of-memory (OOM) condition. This happens because there was no upper bound check on user inputs, allowing potentially excessive resource allocation requests.
The issue was fixed by adding an upper bound check against AMDGPU_USERQ_MAX_HANDLES, a limit that is sufficiently large for legitimate use cases but prevents inputs that could lead to OOM.
How can this vulnerability impact me? :
If exploited, this vulnerability could cause the system to run out of memory (OOM), potentially leading to denial of service (DoS) conditions. An attacker could supply huge input values to the affected ioctl call, exhausting system resources and causing instability or crashes.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that your Linux kernel is updated to a version that includes the fix for the drm/amdgpu component where an upper bound check on user inputs in signal ioctl was added.
This fix prevents huge input values in amdgpu_userq_signal_ioctl from causing an out-of-memory (OOM) condition by checking these input values against AMDGPU_USERQ_MAX_HANDLES.
Therefore, applying the latest kernel patches or upgrading your kernel to a version containing the commit be267e15f99bc97cbe202cd556717797cdcf79a5 is the recommended immediate step.