Linux Kernel Integer Overflow Vulnerability in AMD CDNA Acceleration Driver

Vulnerability

An integer overflow vulnerability has been identified in the Linux kernel's AMD CDNA acceleration driver, specifically within the 'aie2_query_ctx_status_array' function. The function takes sizes that user space controls, and those sizes can overflow. The overflow is not expected to cause immediate harm, but it calls for stricter input validation. The issue has been addressed by introducing conditions to ensure that the 'element_size' does not exceed 4KB and the 'num_element' is limited to 1KB.
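The bound check described above, sketched as an added user-space example; it is not the kernel driver's code. The function names, the constant names, and the assumption that both fields are 32-bit unsigned values multiplied into a 32-bit total are hypothetical; only the two limits come from the text.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Limits as stated in the advisory: 4KB per element, 1K elements. */
#define MAX_ELEMENT_SIZE 4096u
#define MAX_NUM_ELEMENT  1024u

/* Unchecked form (hypothetical): the 32-bit product wraps modulo 2^32,
 * so a huge request can yield a tiny or zero total size. */
static uint32_t total_size_unchecked(uint32_t element_size, uint32_t num_element)
{
    return element_size * num_element;
}

/* Checked form (hypothetical): reject out-of-range inputs before the
 * multiplication, so the product can never exceed 4096 * 1024 bytes. */
static int total_size_checked(uint32_t element_size, uint32_t num_element,
                              uint32_t *total)
{
    if (element_size > MAX_ELEMENT_SIZE || num_element > MAX_NUM_ELEMENT)
        return -EINVAL;
    *total = element_size * num_element;
    return 0;
}

int main(void)
{
    uint32_t total = 0;

    /* Constructed inputs: 65536 * 65536 = 2^32, which wraps to 0. */
    printf("unchecked: %u\n", (unsigned)total_size_unchecked(0x10000u, 0x10000u));
    printf("checked rc: %d\n", total_size_checked(0x10000u, 0x10000u, &total));

    /* Largest accepted request under the stated limits. */
    if (total_size_checked(4096u, 1024u, &total) == 0)
        printf("max total: %u\n", (unsigned)total);
    return 0;
}
```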

Impact

Exploitation of this vulnerability could lead to a user-controlled integer overflow, potentially allowing for memory corruption or other unintended behavior.

Added: Dec 24, 2025, 11:21 AM
Updated: Dec 24, 2025, 11:21 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 7.7
relevance: 1.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.