CVE-2026-46197 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: validate SVM ioctl nattr against buffer size

Validate nattr field against the buffer size, preventing
out-of-bounds buffer access via user-controlled attribute count.

(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 91c6dc5a41695d02dfc6299f106ac38a6c493e52
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< ccd060b5c7cc75ae7e211c250b97c5b6272e7efc
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< db9530a9873a7c85d2266a922589ebcf427fa631
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 6abd3a4417cb73a7d0db7e25bf11fae1074bdba3
`1da177e4c3f41524e886b7f1b8a0c1fc7321cac2`	affected	< 045e0ff208f0838a246c10204105126611b267a1
`0`	affected	< 6.6.140
`0`	affected	< 6.12.90
`0`	affected	< 6.18.32
`0`	affected	< 7.0.9

Linux

affected

Version	Status	Constraints
`6.6.140`	unaffected	≤ 6.6.*
`6.12.90`	unaffected	≤ 6.12.*
`6.18.32`	unaffected	≤ 6.18.*
`7.0.9`	unaffected	≤ 7.0.*
`7.1-rc2`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/045e0ff208f0838a246c10204105126611b267a1
https://git.kernel.org/stable/c/6abd3a4417cb73a7d0db7e25bf11fae1074bdba3
https://git.kernel.org/stable/c/91c6dc5a41695d02dfc6299f106ac38a6c493e52
https://git.kernel.org/stable/c/ccd060b5c7cc75ae7e211c250b97c5b6272e7efc
https://git.kernel.org/stable/c/db9530a9873a7c85d2266a922589ebcf427fa631

History

Thu, 28 May 2026 13:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-787

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. (cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)
Title		drm/amdkfd: validate SVM ioctl nattr against buffer size
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/045e0ff208f0838a246c10204105126611b267a1 https://git.kernel.org/stable/c/6abd3a4417cb73a7d0db7e25bf11fae1074bdba3 https://git.kernel.org/stable/c/91c6dc5a41695d02dfc6299f106ac38a6c493e52 https://git.kernel.org/stable/c/ccd060b5c7cc75ae7e211c250b97c5b6272e7efc https://git.kernel.org/stable/c/db9530a9873a7c85d2266a922589ebcf427fa631

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:40:13.722Z

Updated: 2026-05-28T09:40:13.722Z

Reserved: 2026-05-13T15:03:33.104Z

Link: CVE-2026-46197

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:35.360

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46197

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-28T16:15:03Z

Weaknesses

CWE-787

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object