Home

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpu_userq_wait_ioctl can lead to a OOM and could be exploited. So check these input value against AMDGPU_USERQ_MAX_HANDLES which is big enough value for genuine use cases and could potentially avoid OOM. v2: squash in Srini's fix (cherry picked from commit fcec012c664247531aed3e662f4280ff804d1476)

PUBLISHED Reserved 2026-05-01 | Published 2026-05-08 | Updated 2026-05-11 | Assigner Linux

Product status

Default status
unaffected

a292fdecd72834b3bec380baa5db1e69e7f70679 (git) before b1d10508da559da2e0ca9cca6505094a7df948e1
affected

a292fdecd72834b3bec380baa5db1e69e7f70679 (git) before 3cd93bc695b3456f26f5ed52753d9071da26202a
affected

a292fdecd72834b3bec380baa5db1e69e7f70679 (git) before 64ac7c09fc44985ec9bb6a9db740899fa40ca613
affected

Default status
affected

6.16
affected

Any version before 6.16
unaffected

6.18.19 (semver)
unaffected

6.19.9 (semver)
unaffected

7.0 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/b1d10508da559da2e0ca9cca6505094a7df948e1

git.kernel.org/...c/3cd93bc695b3456f26f5ed52753d9071da26202a

git.kernel.org/...c/64ac7c09fc44985ec9bb6a9db740899fa40ca613

cve.org (CVE-2026-43398)

nvd.nist.gov (CVE-2026-43398)

Download JSON