CVE-2026-43206

Advisory lineage Upstream: 0 Downstream: 6

Downstream

DEBIAN-CVE-2026-43206 SUSE-SU-2026:2310-1 SUSE-SU-2026:2331-1 SUSE-SU-2026:2332-1 SUSE-SU-2026:2383-1 UBUNTU-CVE-2026-43206

Analyzed

Published: 06 May 2026, 11:28

Last modified:11 May 2026, 22:20

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

v3.1 (cve.org)

EPSS Score

0.14% LOW

0% probability +0.12%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 May 2026, 11:28

Published

Vulnerability first disclosed

11 May 2026, 22:20

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() The kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of bounds kernel memory write by passing a small buffer, leading to potential privilege escalation.

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.14%• Percentile: 4%

Techniques & Countermeasures

CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 3e04bc310d80b46eaf481f1fefcbcb37a187412d | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < de8d7a25cd2eb5875b1d8d4fbc7fe4b4138b781f | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < b4034442cb090e4a980bdcc1540948606cbc951b | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 4857c37c7ba9aa38b9a4c694e8bd8d0091c87940 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 75fb57efdd7863fffbc39db23e9cad7aafda26ed | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < bfcd6b53e1f4feb182952f4ff9a137c36ceaf20b | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 4e72f419e4ed44cb3b60506752d8688c20a60a9b | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 8a70a26c9f34baea6c3199a9862ddaff4554a96d | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < 3e04bc310d80b46eaf481f1fefcbcb37a187412d | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < de8d7a25cd2eb5875b1d8d4fbc7fe4b4138b781f | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < b4034442cb090e4a980bdcc1540948606cbc951b | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < 4857c37c7ba9aa38b9a4c694e8bd8d0091c87940 | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < 75fb57efdd7863fffbc39db23e9cad7aafda26ed | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < bfcd6b53e1f4feb182952f4ff9a137c36ceaf20b | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < 4e72f419e4ed44cb3b60506752d8688c20a60a9b | ≥ 0fc8011f89feb8b2c3008583b777d097e1974660, < 8a70a26c9f34baea6c3199a9862ddaff4554a96d | 4.17
linux•linux_kernel
≥ 4.17, < 5.10.252 | ≥ 5.11, < 5.15.202 | ≥ 5.16, < 6.1.165 | ≥ 6.2, < 6.6.128 | ≥ 6.7, < 6.12.75 | ≥ 6.13, < 6.18.16 | ≥ 6.19, < 6.19.6