accel/amdxdna: Validate command buffer payload count_CVE-2026-23424

7.1 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Validate command buffer payload count

The count field in the command header is used to determine the valid
payload size. Verify that the valid payload does not exceed the remaining
buffer space.

Basic Information

ID CVE-2026-23424

Source Linux

Published Apr 3, 2026 at 13:24

Modified Apr 27, 2026 at 14:02

Affected Product

Vendor Linux

Product Linux

Version aac243092b707bb3018e951d470cc1a9bcbaba6c

Affected Versions Linux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c
Linux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c
Linux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c
Linux Linux 6.14

References

{
    "lastseen": "",
    "description": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Validate command buffer payload count\n\nThe count field in the command header is used to determine the valid\npayload size. Verify that the valid payload does not exceed the remaining\nbuffer space.",
    "published": "2026-04-03T13:24:32.622Z",
    "modified": "2026-04-27T14:02:16.224Z",
    "type": "cve",
    "title": "accel/amdxdna: Validate command buffer payload count",
    "source": "Linux",
    "references": "https://git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1\nhttps://git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2\nhttps://git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416",
    "id": "CVE-2026-23424",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Linux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c\nLinux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c\nLinux Linux aac243092b707bb3018e951d470cc1a9bcbaba6c\nLinux Linux 6.14",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linux",
    "version": "aac243092b707bb3018e951d470cc1a9bcbaba6c",
    "vendor": "Linux",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply