CVE-2026-43400 PUBLISHED

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Assigner: Linux
Reserved: 01.05.2026 Published: 08.05.2026 Updated: 09.05.2026

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: add upper bound check on user inputs in signal ioctl

Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM and could be exploited.

So check these input value against AMDGPU_USERQ_MAX_HANDLES which is big enough value for genuine use cases and could potentially avoid OOM.

(cherry picked from commit be267e15f99bc97cbe202cd556717797cdcf79a5)

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from a292fdecd72834b3bec380baa5db1e69e7f70679 to 6fff5204d8aa26b1be50b6427f833bd3e8899c4f (excl.)
  • affected from a292fdecd72834b3bec380baa5db1e69e7f70679 to 46630d966b99b0fc6cb01fef4110587f3375a0c0 (excl.)
  • affected from a292fdecd72834b3bec380baa5db1e69e7f70679 to ea78f8c68f4f6211c557df49174c54d167821962 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 6.16 is affected
  • unaffected from 0 to 6.16 (excl.)
  • unaffected from 6.18.19 to 6.18.* (incl.)
  • unaffected from 6.19.9 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References