Primary

Context

Linux Kernel AMDGPU VCN3 Message Buffer Overflow Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's AMDGPU VCN3 decoder can lead to buffer overflow issues. This vulnerability arises from improper boundary checks when parsing decode messages, which could allow out-of-bounds reads. The issue affects the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability could result in buffer overflow, potentially leading to arbitrary code execution or memory corruption.

Reproduction

The vulnerability can be reproduced by sending a decode message that includes an offset and size. If the size is less than 4 or if the offset and size calculations overflow, the decoder may read beyond the intended memory bounds, causing an out-of-bounds read.

Remediation

Users can upgrade to the latest stable version of the Linux kernel where this vulnerability has been addressed.

Added: May 28, 2026, 10:33 AM

Updated: May 28, 2026, 10:33 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.9

exploitability

4.3

remediation

7.7

relevance

9.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.9

exploitability

4.3

remediation

7.7

relevance

9.6

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel AMDGPU VCN3 Message Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating