CVE-2026-23149

CWE-681 | 7 documents | 7 sources
Severity: 5.5 MEDIUM
EPSS: 0.0% (top 96.16%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 14

Description

In the Linux kernel, the following vulnerability has been resolved:

drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()

Since GEM bo handles are u32 in the uapi and the internal implementation uses idr_alloc() which uses int ranges, passing a new handle larger than INT_MAX trivially triggers a kernel warning:

idr_alloc():
...
	if (WARN_ON_ONCE(start < 0))
		return -EINVAL;
...

Fix it by rejecting new handles above INT_MAX and at the same time make the end lim

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (3 packages)

NVD | linux/linux_kernel | 6.18 | 6.18.9 | +1
CVEListV5 | linux/linux | 53096728b8910c6916ecc6c46a5abc5c678b58d9 | ae8831ee0fb2f5f41f39722e7b3749d65bb78d08 | +2
Debian | linux | < 6.18.9-1

Patches

🔴 Vulnerability Details (3)

GHSA | GHSA-f36v-x2cg-pr97: In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_i | 2026-02-14
CVEList | drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl() | 2026-02-14
OSV | CVE-2026-23149: In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_io | 2026-02-14

📋 Vendor Advisories (2)

Red Hat | kernel: drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl() | 2026-02-14
Debian | CVE-2026-23149: linux - In the Linux kernel, the following vulnerability has been resolved: drm: Do not... | 2026

🕵️ Threat Intelligence (1)

Wiz | CVE-2026-23149 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23149 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io