Buffer Overflow in Linux Kernel Due to DMA Mapping Mechanism
CVE-2026-23390

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
25 March 2026

What is CVE-2026-23390?

A vulnerability exists in the Linux kernel's handling of DMA mapping tracepoints, specifically related to the dma_map_sg function. This issue can lead to a buffer overflow when processing large scatter-gather lists, especially when interacting with devices like virtio-gpu that generate sizable DRM buffers. The tracepoint may attempt to allocate more memory than permitted, surpassing the defined maximum trace size and resulting in warnings related to insufficient buffer size. The implemented solution caps the dynamic arrays to a maximum of 128 entries, which prevents overflow while ensuring efficient memory usage.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 038eb433dc1474c4bc7d33188294e3d4778efdfd < 02d209bb018a40dee9eac89e91860253dee9605b

Linux 038eb433dc1474c4bc7d33188294e3d4778efdfd

Linux 038eb433dc1474c4bc7d33188294e3d4778efdfd

References

https://git.kernel.org/stable/c/02d209bb018a40dee9eac89e9...
https://git.kernel.org/stable/c/f2584f791a10343bdc995ff6f...
https://git.kernel.org/stable/c/daafcc0ef0b358d9d622b6e3b...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.