{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23280", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:45.992Z", "datePublished": "2026-03-25T10:26:41.088Z", "dateUpdated": "2026-03-25T10:26:41.088Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-03-25T10:26:41.088Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Prevent ubuf size overflow\n\nThe ubuf size calculation may overflow, resulting in an undersized\nallocation and possible memory corruption.\n\nUse check_add_overflow() helpers to validate the size calculation before\nallocation."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/amdxdna_ubuf.c"], "versions": [{"version": "bd72d4acda1069579b35123e3cc0b21ec1193a21", "lessThan": "1500b31db94374a6669e73ce94d6f71cf8e85e06", "status": "affected", "versionType": "git"}, {"version": "bd72d4acda1069579b35123e3cc0b21ec1193a21", "lessThan": "972bf4a23478fcb247b4f507d47a584bc8aea5bd", "status": "affected", "versionType": "git"}, {"version": "bd72d4acda1069579b35123e3cc0b21ec1193a21", "lessThan": "03808abb1d868aed7478a11a82e5bb4b3f1ca6d6", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/amdxdna_ubuf.c"], "versions": [{"version": "6.18", "status": "affected"}, {"version": "0", "lessThan": "6.18", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1500b31db94374a6669e73ce94d6f71cf8e85e06"}, {"url": "https://git.kernel.org/stable/c/972bf4a23478fcb247b4f507d47a584bc8aea5bd"}, {"url": "https://git.kernel.org/stable/c/03808abb1d868aed7478a11a82e5bb4b3f1ca6d6"}], "title": "accel/amdxdna: Prevent ubuf size overflow", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Prevent ubuf size overflow\n\nThe ubuf size calculation may overflow, resulting in an undersized\nallocation and possible memory corruption.\n\nUse check_add_overflow() helpers to validate the size calculation before\nallocation."}], "id": "CVE-2026-23280", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T11:16:22.523", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/03808abb1d868aed7478a11a82e5bb4b3f1ca6d6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1500b31db94374a6669e73ce94d6f71cf8e85e06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/972bf4a23478fcb247b4f507d47a584bc8aea5bd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: accel/amdxdna: Prevent ubuf size overflow", "id": "2451197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451197"}, "csaw": false, "cwe": "CWE-190", "details": ["A flaw was found in the Linux kernel's accel/amdxdna component. The calculation for the ubuf size may overflow, leading to an undersized memory allocation. This can result in memory corruption, potentially allowing an attacker to cause a denial of service or execute arbitrary code."], "name": "CVE-2026-23280", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-23280\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23280\nhttps://lore.kernel.org/linux-cve-announce/2026032523-CVE-2026-23280-cd9e@gregkh/T"]}

{"analysis": {"en": {"generated_at": "2026-03-25T12:42:04.351892+00:00", "value": {"mitigation_remediation": ["Apply the latest Linux kernel release that includes the fix for this bug."], "summary": {"action": "Apply Patch", "impact": "Memory Corruption"}, "threat_synthesis": {"affected_systems": "The flaw exists in the core Linux kernel source and affects all distributions that ship a kernel build prior to incorporating the patched commit (03808abb1d868aed7478a11a82e5bb4b3f1ca6d6). Any system with the AMD XDNA accelerator path enabled is vulnerable until the kernel is updated.", "description_and_impact": "An integer overflow occurs in the Linux kernel driver for the AMD XDNA accelerator when calculating a temporary buffer size. The overflow causes an undersized allocation, allowing later writes to exceed the allocated memory bounds. This kernel memory corruption could be exploited to overwrite critical data structures, potentially leading to privilege escalation, denial of service, or erratic system behavior.", "risk_and_exploitability": "No CVSS score or EPSS data is provided, and the vulnerability is not listed in CISA\u2019s KEV catalog. It requires local interaction with the AMD XDNA driver to trigger the overflow, and no public exploits have been reported. The risk is considered moderate pending deployment of the fix, with the primary threat being potential privilege escalation if the corruption targets kernel control structures."}}}}, "created": "2026-03-25T21:15:50.270391+00:00", "updated": "2026-03-25T21:15:50.270449+00:00", "vendors": [], "weaknesses": ["CWE-680", "CWE-119"]}