Description
In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/vcn4: Avoid overflow on msg bound check

As pointed out by SDL, the previous condition may be vulnerable to
overflow.

(cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885)
Published: 2026-05-28
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A kernel buffer overflow was identified in the AMD VCN4 driver within the Linux DRM subsystem. The flaw arises when the driver performs a message bound check without preventing integer overflow, permitting an attacker to craft malformed data that overflows internal limits. This can corrupt kernel memory or lead to arbitrary code execution, enabling a local privileged escalation attack. The weakness corresponds to CWE‑190 (Integer Overflow or Wraparound).

Affected Systems

All Linux kernel releases that include the AMD VCN4 DRM driver are affected, specifically the drm/amdgpu/vcn4 component. The vulnerability exists in every kernel where this driver was compiled without the security patch. No specific vendor versions are listed beyond the Linux kernel itself, so any distribution using the vulnerable kernel is impacted.

Risk and Exploitability

The CVSS score is not provided, and the EPSS score is not available, so the precise risk magnitude cannot be quantified. However, as this flaw is in kernel space, a successful exploit would grant the attacker root privileges. The vulnerability is likely exploitable only by local users who can control the Vulkan or DRM interfaces, implying a local attack vector. The kernel’s design and lack of a KEV listing suggest the risk is medium to high in environments where privileged users may aim to compromise system integrity.

Generated by OpenCVE AI on May 28, 2026 at 12:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that includes commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885 to remediate the integer overflow in the AMD VCN4 driver.
  • If a kernel upgrade cannot be applied immediately, restrict access to the DRM subsystem by disabling or sandboxing the amdgpu module until the patch is applied.
  • Monitor kernel changelogs and security advisories for future related updates to ensure comprehensive protection against similar integer overflow vulnerabilities.

Generated by OpenCVE AI on May 28, 2026 at 12:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 28 May 2026 13:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190

Thu, 28 May 2026 10:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. (cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885)
Title drm/amdgpu/vcn4: Avoid overflow on msg bound check
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-28T09:40:33.705Z

Reserved: 2026-05-13T15:03:33.105Z

Link: CVE-2026-46217

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-28T10:16:37.330

Modified: 2026-05-28T13:44:01.663

Link: CVE-2026-46217

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T15:15:19Z

Weaknesses