VYPR
Medium severity5.5NVD Advisory· Published May 8, 2026· Updated May 21, 2026

CVE-2026-43400

CVE-2026-43400

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES which is big enough value for genuine use cases and could potentially avoid OOM.

(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >=6.16,<6.18.19
    • cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
  • Linux/drm/amdgpullm-create

Patches

Vulnerability mechanics

References

3

News mentions

1