Out-of-Bounds Read in AMDGPU vcn4 DRM Driver
CVE-2026-46199 Published on May 28, 2026
drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
Check bounds against the end of the BO whenever we access the msg.
Products Associated with CVE-2026-46199
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below 88411caee8f576d6b5abf6531232fcc0ce756dc5 is affected.
- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below c72a8b4dc6d598e3831ef3abd9c6527dfbf4810e is affected.
- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below 7688143ca62edeecacb3ba0a2cea129dbd262a18 is affected.
- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below 63b51e8a9d54317d31cc3856c1e12407070d5fc2 is affected.
- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below 3c817a60b09eaab926e475088e750936efcc95ae is affected.
- Version 87cc7f9ebf7ce10f82250002d667ef3e93a79d44 and below 0a78f2bac1424deb7c9d5e09c6b8e849d8e8b648 is affected.
- Version 5.13 is affected.
- Before 5.13 is unaffected.
- Version 6.1.175, <= 6.1.* is unaffected.
- Version 6.6.140, <= 6.6.* is unaffected.
- Version 6.12.90, <= 6.12.* is unaffected.
- Version 6.18.32, <= 6.18.* is unaffected.
- Version 7.0.9, <= 7.0.* is unaffected.
- Version 7.1-rc1, <= * is unaffected.
Exploit Probability
EPSS
0.01%
Percentile
2.50%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.