Description
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Published: 2026-05-28
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A kernel buffer overflow was identified in the AMD VCN4 driver within the Linux DRM subsystem. The flaw arises when the driver performs a message bound check without preventing integer overflow, permitting an attacker to craft malformed data that overflows internal limits. This can corrupt kernel memory or lead to arbitrary code execution, enabling a local privilege escalation attack. The weakness corresponds to CWE-190 (Integer Overflow or Wraparound).

Affected Systems

All Linux kernel releases that include the AMD VCN4 DRM driver are affected, specifically the drm/amdgpu/vcn4 component. The vulnerability exists in every kernel where this driver was compiled without the security patch. No specific vendor versions are listed beyond the Linux kernel itself, so any distribution using the vulnerable kernel is impacted.

Risk and Exploitability

The CVSS score is 5.5, indicating a moderate severity, and the EPSS score is < 1%, suggesting a low likelihood of exploitation. However, as this flaw is in kernel space, a successful exploit would grant the attacker root privileges. The vulnerability is likely exploitable only by local users who can control the Vulkan or DRM interfaces, implying a local attack vector. The kernel’s design and lack of a KEV listing suggest the risk is medium to high in environments where privileged users may aim to compromise system integrity.

Generated by OpenCVE AI on June 10, 2026 at 21:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that includes commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885 to remediate the integer overflow in the AMD VCN4 driver.
  • If a kernel upgrade cannot be applied immediately, restrict access to the DRM subsystem by disabling or sandboxing the amdgpu module until the patch is applied.
  • Monitor kernel changelogs and security advisories for future related updates to ensure comprehensive protection against similar integer overflow vulnerabilities.



Advisories

No advisories yet.

History

Mon, 15 Jun 2026 10:30:00 +0000


Mon, 15 Jun 2026 10:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. (cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885) This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title drm/amdgpu/vcn4: Avoid overflow on msg bound check kernel: drm/amdgpu/vcn4: Avoid overflow on msg bound check
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Wed, 10 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-674
CPEs cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*
Metrics cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Mon, 01 Jun 2026 17:00:00 +0000


Fri, 29 May 2026 00:15:00 +0000


Thu, 28 May 2026 13:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190

Thu, 28 May 2026 10:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. (cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885)
Title drm/amdgpu/vcn4: Avoid overflow on msg bound check
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: REJECTED

Assigner: Linux

Published:

Updated: 2026-06-15T08:04:41.866Z

Reserved: 2026-05-13T15:03:33.105Z

Link: CVE-2026-46217

Vulnrichment

No data.

NVD

Status: Rejected

Published: 2026-05-28T10:16:37.330

Modified: 2026-06-15T10:16:28.713

Link: CVE-2026-46217

Redhat

Severity:

Public Date: 2026-05-28T00:00:00Z

Links: CVE-2026-46217 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-10T21:15:26Z

Weaknesses
  • CWE-190

    Integer Overflow or Wraparound