CVE-2026-23338
MEDIUM EPSS 2.2%
Published Mar 25, 20263mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Published Mar 25, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small num_fences, or the required number can legitimately grow between the two calls to the userq wait ioctl. In both cases we do not want the emit the kernel warning backtrace since nothing is wrong with the kernel and userspace will simply get an errno reported back. So lets simply drop the WARN_ONs. (cherry picked from commit 2c333ea579de6cc20ea7bc50e9595ef72863e65c)
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 10
References 3
- git.kernel.org https://git.kernel.org/stable/c/1753f5f81ab60a553287f9ee659a6ac363adf8d7
- git.kernel.org https://git.kernel.org/stable/c/7321302edca3a349ddaea689df95b986beee6c4a
- git.kernel.org https://git.kernel.org/stable/c/7b7d7693a55d606d700beb9549c9f7f0e5d9c24f
Remediation
- git.kernel.org https://git.kernel.org/stable/c/1753f5f81ab60a553287f9ee659a6ac363adf8d7
- git.kernel.org https://git.kernel.org/stable/c/7321302edca3a349ddaea689df95b986beee6c4a
- git.kernel.org https://git.kernel.org/stable/c/7b7d7693a55d606d700beb9549c9f7f0e5d9c24f