CVE-2026-46311

Source
https://cve.org/CVERecord?id=CVE-2026-46311
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46311.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46311
Downstream
Related
Published
2026-06-08T15:50:41.866Z
Modified
2026-07-10T03:54:45.410084388Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
drm/amdgpu/userq: fix access to stale wptr mapping
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu/userq: fix access to stale wptr mapping

Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly.

This fixes the security issue of unmap the wptr_obj while a queue creation is in progress and passing other bo at same address.

(cherry picked from commit 1fc6c8ab45dbee096469c08c13f6099d57a52d6c)

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46311.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5fb2f7fc21a3668e5794cc0d153641b9719713e1
Fixed
336a9186f3a4b65bbd865d93936605ac8a1a3991
Fixed
6da7b1242da4455b11c24ce667d1cab1a348c8ea

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46311.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.16.0
Fixed
7.0.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46311.json"