CVE-2026-23424 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

accel/amdxdna: Validate command buffer payload count

The count field in the command header is used to determine the valid
payload size. Verify that the valid payload does not exceed the remaining
buffer space.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1
https://git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2
https://git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416

History

Fri, 03 Apr 2026 14:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space.
Title		accel/amdxdna: Validate command buffer payload count
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1 https://git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2 https://git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-04-03T13:24:32.622Z

Updated: 2026-04-03T13:24:32.622Z

Reserved: 2026-01-13T15:37:46.015Z

Link: CVE-2026-23424

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-03T14:16:28.623

Modified: 2026-04-03T16:10:23.730

Link: CVE-2026-23424

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23424", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:37:46.015Z", "datePublished": "2026-04-03T13:24:32.622Z", "dateUpdated": "2026-04-03T13:24:32.622Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-03T13:24:32.622Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/amdxdna: Validate command buffer payload count\n\nThe count field in the command header is used to determine the valid\npayload size. Verify that the valid payload does not exceed the remaining\nbuffer space."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/amdxdna_ctx.c"], "versions": [{"version": "aac243092b707bb3018e951d470cc1a9bcbaba6c", "lessThan": "3464e751755172ddbb849c1bd92f5f59e95c59a1", "status": "affected", "versionType": "git"}, {"version": "aac243092b707bb3018e951d470cc1a9bcbaba6c", "lessThan": "3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2", "status": "affected", "versionType": "git"}, {"version": "aac243092b707bb3018e951d470cc1a9bcbaba6c", "lessThan": "901ec3470994006bc8dd02399e16b675566c3416", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/amdxdna/amdxdna_ctx.c"], "versions": [{"version": "6.14", "status": "affected"}, {"version": "0", "lessThan": "6.14", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.17", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.7", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.18.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "6.19.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.14", "versionEndExcluding": "7.0-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1"}, {"url": "https://git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2"}, {"url": "https://git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416"}], "title": "accel/amdxdna: Validate command buffer payload count", "x_generator": {"engine": "bippy-1.2.0"}}}}