Overflow Vulnerability in Linux Kernel Affects AMD Graphics Driver
CVE-2026-46237

7.1HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46237?

A vulnerability exists in the Linux kernel related to the AMD graphics driver (amdgpu) that could lead to an overflow condition during message bound checks. This flaw was identified and resolved following concerns raised by SDL regarding potential exploitation through improper handling of inputs. Implementing the provided fixes is crucial for maintaining the integrity and security of systems that rely on AMD Radeon hardware with the VCN3 technology.

Affected Version(s)

Linux f55552adb100eb54a6e6dabff4fbdc8679bd3fa0 < 94a2b37399807fd2ca78dc1906986c4fbd72968e

Linux 82c535eff05490c71153af57de9fe85502fcb5d5 < 95b0f6df8d7fad2eabf265d2c3d2538ef58e4465

Linux 638d3e0b9eb77aa53fdd60e2b928761d16ba76fa < 1936310f68c54be961de38ac539cef9b543207cb

References

https://git.kernel.org/stable/c/94a2b37399807fd2ca78dc190...

https://git.kernel.org/stable/c/95b0f6df8d7fad2eabf265d2c...

https://git.kernel.org/stable/c/1936310f68c54be961de38ac5...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46237 Data

JSON