CVE-2026-23236

Severity: Medium · CVSS 3.1 base score 5.5 · EPSS 10.7%
Published Mar 4, 2026
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

fbdev: smscufx: properly copy ioctl memory to kernelspace

The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 10.7% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 7

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.2 – <5.10.251
linux   linux_kernel  *        ≥5.11 – <5.15.201
linux   linux_kernel  *        ≥5.16 – <6.1.164
linux   linux_kernel  *        ≥6.2 – <6.6.127
linux   linux_kernel  *        ≥6.7 – <6.12.74
linux   linux_kernel  *        ≥6.13 – <6.18.13
linux   linux_kernel  *        ≥6.19 – <6.19.3

References 9

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-253495.html
  • git.kernel.org https://git.kernel.org/stable/c/061cfeb560aa3ddc174153dbe5be9d0b55eb7248
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/0634e8d650993602fc5b389ff7ac525f6542e141
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/120adae7b42faa641179270c067864544a50ab69
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1c008ad0f0d1c1523902b9cdb08e404129677bfc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52917e265aa5f848212f60fc50fc504d8ef12866
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6167af934f956d3ae1e06d61f45cd0d1004bbe1a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a0321e6e58facb39fe191caa0e52ed9aab6a48fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f1e91bd4efeae48b0f42caed7e8ce2e3a0d05b02
    Patch
