CVE-2026-46197 Linux CVE debrief

Who should care

Organizations running Linux systems with AMD GPUs, particularly those using ROCm/HSA compute workloads. Cloud providers and HPC environments with AMD GPU infrastructure. System administrators responsible for kernel security maintenance.

Technical summary

The vulnerability exists in the drm/amdkfd driver's SVM (Shared Virtual Memory) ioctl implementation. The `nattr` parameter, which indicates the number of attributes provided by userspace, was not validated against the actual size of the attribute buffer. This allowed a malicious or malformed userspace application to specify a `nattr` value larger than the allocated buffer, causing the kernel to read or write beyond buffer boundaries during attribute processing. The fix introduces proper bounds validation to ensure `nattr` does not exceed the buffer capacity before attribute iteration occurs.

Defensive priority

medium

Recommended defensive actions

• Apply kernel updates from your Linux distribution that include the amdkfd SVM ioctl fix
• Verify running kernel version against patched versions in stable kernel branches
• For systems using AMD ROCm/HSA compute workloads, prioritize kernel updates
• Monitor NVD for CVSS score assignment once analysis is complete

Evidence notes

CVE description confirms the vulnerability is in drm/amdkfd SVM ioctl handling. The fix validates nattr against buffer size to prevent out-of-bounds access. Five kernel.org stable branch commits are referenced, indicating backports to multiple kernel versions. No CVSS score or severity rating has been assigned by NVD (status: Awaiting Analysis).

Official resources