CVE-2026-23424 — Out-of-bounds Write in Linux

CWE-787 — Out-of-bounds Write7 documents7 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 94.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel

Timeline

PublishedApr 3

Description

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space.

Affected Packages2 packages

▶Debianlinux/linux_kernel< 6.19.8-1

▶CVEListV5linux/linuxaac243092b707bb3018e951d470cc1a9bcbaba6c — 3464e751755172ddbb849c1bd92f5f59e95c59a1+3

🔴Vulnerability Details

GHSA

GHSA-mhv3-v49w-phxv: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the comm↗2026-04-03

▶

CVEList

accel/amdxdna: Validate command buffer payload count↗2026-04-03

▶

OSV

CVE-2026-23424: In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the comman↗2026-04-03

▶

📋Vendor Advisories

Red Hat

kernel: accel/amdxdna: Validate command buffer payload count↗2026-04-03

▶

Debian

CVE-2026-23424: linux - In the Linux kernel, the following vulnerability has been resolved: accel/amdxd...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-23424 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶