VYPR
High severity 7.1 · NVD Advisory · Published Apr 3, 2026 · Updated Apr 27, 2026

CVE-2026-23424

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Validate command buffer payload count

The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In the Linux kernel's amdxdna accelerator driver, missing validation of command buffer payload count allows a local attacker to cause a buffer overflow, potentially leading to memory corruption.

Root Cause

The vulnerability resides in the Linux kernel's accel/amdxdna driver. The command header contains a count field that specifies the payload size. The driver failed to validate that this payload does not exceed the remaining buffer space, leading to a potential out-of-bounds access [1].

Exploitation

An attacker with local access to the accelerator device can craft a command with an artificially large count field, causing the driver to read or write beyond the allocated buffer. No special privileges beyond the ability to interact with the device are required [1].

Impact

Successfully exploiting this vulnerability can result in memory corruption, potentially leading to system instability, information disclosure, or arbitrary code execution in kernel context.

Mitigation

The issue has been fixed in the Linux kernel by adding a validation check that ensures the payload size does not exceed the buffer space [1]. Administrators should apply the latest stable kernel updates to remediate this vulnerability.
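The bounds check described above, sketched as an added example (not the kernel's code or the actual patch). The header layout, the word-sized unit of `count`, and the names `cmd_hdr`, `cmd_payload` and `check_constructed` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical command layout for illustration; not the amdxdna structures. */
struct cmd_hdr {
    uint32_t opcode;
    uint32_t count;   /* payload length in 32-bit words (assumed unit), caller-controlled */
};

/* Returns the payload and sets *out_len, or NULL if the claimed payload
 * does not fit in the space left after the header. */
const uint8_t *cmd_payload(const uint8_t *buf, size_t buf_len, size_t *out_len)
{
    struct cmd_hdr hdr;
    size_t remaining;
    if (!buf || !out_len || buf_len < sizeof(hdr))
        return NULL;                      /* the header itself must fit */
    memcpy(&hdr, buf, sizeof(hdr));       /* read count once, no unaligned access */
    remaining = buf_len - sizeof(hdr);

    /* Divide the space rather than multiply count, so the comparison cannot wrap. */
    if (hdr.count > remaining / sizeof(uint32_t))
        return NULL;
    *out_len = (size_t)hdr.count * sizeof(uint32_t);
    return buf + sizeof(hdr);
}

/* Constructed input: a buffer of up to 64 bytes holding a header with the given
 * count. Returns the accepted payload size in bytes, or -1 if rejected. */
long check_constructed(uint32_t count, size_t buf_len)
{
    uint8_t buf[64] = {0};
    struct cmd_hdr hdr = { .opcode = 1, .count = count };
    size_t len = 0;
    if (buf_len > sizeof(buf))
        return -1;
    if (buf_len >= sizeof(hdr))
        memcpy(buf, &hdr, sizeof(hdr));
    return cmd_payload(buf, buf_len, &len) ? (long)len : -1;
}

int main(void)
{
    printf("%ld %ld %ld\n", check_constructed(14, 64),
           check_constructed(15, 64), check_constructed(0xFFFFFFFFu, 64));
    return 0;
}
```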

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

11
  • Linux/Kernel (9 versions)
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (range: >=6.14.1,<6.18.17)
    • cpe:2.3:o:linux:linux_kernel:6.14:-:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
    • cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*
  • Linux/amdxdna (llm-create)

Patches

0

No patches discovered yet.

References

3
