CVE-2026-46199

Source
https://cve.org/CVERecord?id=CVE-2026-46199
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46199.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46199
Downstream
Related
Published
2026-05-28T09:40:16.061Z
Modified
2026-07-15T01:48:50.598566050Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg

Check bounds against the end of the BO whenever we access the msg.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46199.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
87cc7f9ebf7ce10f82250002d667ef3e93a79d44
Fixed
88411caee8f576d6b5abf6531232fcc0ce756dc5
Fixed
c72a8b4dc6d598e3831ef3abd9c6527dfbf4810e
Fixed
7688143ca62edeecacb3ba0a2cea129dbd262a18
Fixed
63b51e8a9d54317d31cc3856c1e12407070d5fc2
Fixed
3c817a60b09eaab926e475088e750936efcc95ae
Fixed
0a78f2bac1424deb7c9d5e09c6b8e849d8e8b648

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46199.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.90
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.32
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46199.json"