Linux Kernel, Out-of-bounds Read, CVE-2026-46199 (HIGH) -DC-Jun2026-375

In the Linux kernel, the AMDGPU driver’s VCN (Video Codec Next) 4.0 decoder includes a function `vcn_v4_0_dec_msg()` that parses user‑supplied decoder messages. The driver lacks sufficient bounds checking while advancing a pointer (`msg`) through a buffer object (BO). An attacker can craft a malicious decoder message with an invalid length or malformed buffer indices. When the kernel then reads past the end of the allocated buffer, it performs an out‑of‑bounds (OOB) read.
The OOB access remains inside kernel memory, meaning it can read kernel‑space data that belongs to other processes or the kernel itself. The issue was introduced during the addition of VCN 4.0 hardware support and affects all kernel versions that contain the vulnerable code path.
Exploitation requires local access and the ability to submit a specially crafted decoder job through the AMD GPU device interface. No special privileges are needed beyond being able to open the `/dev/dri/renderD` device and send IOCTL commands. The vulnerability does not require any interaction from a higher‑privileged user.
Because the read occurs in a context that processes hardware‑decoder messages, the attacker can influence which kernel memory areas are leaked. The CVSS 3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H, resulting in a base score of 7.1 (HIGH). Confidentiality is impacted because kernel memory can be disclosed, while integrity is not affected. Availability is also impacted because a carefully crafted OOB read can lead to a kernel panic or system instability.
The fix adds a simple check: before each access to the message pointer, the kernel verifies that the pointer remains within the bounds of the buffer object. If the pointer would exceed the buffer’s end, the operation is aborted and an error is returned to userspace.
This vulnerability is particularly interesting because it lives in a very specific hardware path – the VCN 4.0 decoder – and was not caught by generic fuzzing. It demonstrates the need for rigorous bounds checking even in “low‑level” driver code that is often trusted. The Linux kernel community backported the fix to all affected stable kernel series, and the fix is now included in the latest stable releases.
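
The kind of check the fix describes, as an added userspace example that is not the driver's code or the upstream patch. The message layout, `walk_msg()` and the sample buffers are constructed for illustration and do not reproduce the real VCN message format:

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed layout, NOT the real VCN message format. Word 0: declared length
 * in bytes; word 1: entry count; then 3 words per entry (type, offset, size),
 * with offsets in bytes from the start of the buffer. */
#define HDR_WORDS   2u
#define ENTRY_WORDS 3u

/* Returns the sum of entry sizes, or -EINVAL if anything leaves the buffer. */
long long walk_msg(const uint32_t *buf, size_t buf_bytes)
{
	size_t len, words;
	long long total = 0;
	uint32_t i, count;

	if (buf_bytes < HDR_WORDS * sizeof(uint32_t))
		return -EINVAL;         /* header itself must fit */
	len = buf[0];
	if (len < HDR_WORDS * sizeof(uint32_t) || len > buf_bytes)
		return -EINVAL;         /* declared length must fit the buffer */
	words = len / sizeof(uint32_t);
	count = buf[1];
	if (count > (words - HDR_WORDS) / ENTRY_WORDS)
		return -EINVAL;         /* division form: count * 3 cannot wrap */
	for (i = 0; i < count; i++) {
		const uint32_t *e = buf + HDR_WORDS + (size_t)i * ENTRY_WORDS;
		uint32_t offset = e[1], size = e[2];

		if (offset > len || size > len - offset)
			return -EINVAL; /* subtraction form: offset + size cannot wrap */
		total += size;
	}
	return total;
}

/* Constructed sample messages, each in a 32-byte buffer. */
const uint32_t good_msg[]  = { 32, 2, 1, 20, 12, 1, 8, 4 };
const uint32_t bad_count[] = { 32, 1000, 1, 20, 12, 1, 8, 4 };
const uint32_t bad_len[]   = { 64, 2, 1, 20, 12, 1, 8, 4 };
const uint32_t bad_wrap[]  = { 32, 2, 1, 16, 0xFFFFFFF8u, 1, 8, 4 };

int main(void)
{
	printf("%lld %lld %lld %lld\n",
	       walk_msg(good_msg, sizeof(good_msg)), walk_msg(bad_count, sizeof(bad_count)),
	       walk_msg(bad_len, sizeof(bad_len)), walk_msg(bad_wrap, sizeof(bad_wrap)));
	return 0;
}
```

Every length, count and offset taken from the message is compared against the buffer size before the pointer is dereferenced, and the comparisons are written so that attacker-chosen values cannot wrap the arithmetic.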

DailyCVE Form:

Platform: Linux Kernel
Version: up to 6.6.139/6.12.89/6.18.31/7.0.8
Vulnerability: Out-of-bounds Read
Severity: HIGH (CVSS 7.1)
Date: 2026‑05‑28

Prediction: 2026‑05‑28

What Undercode Say:

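```bash
# Check running kernel version
uname -r
# Show if amdgpu module is loaded and its VCN version
lsmod | grep amdgpu
modinfo amdgpu | grep -i vcn
# Check for presence of the vulnerable file. The VCN 4.0 code is normally
# built into amdgpu.ko, so no match here does not mean the kernel is unaffected.
find /lib/modules -name vcn_v4_0.ko 2>/dev/null
# Attempt to read kernel log for VCN decoder errors
# (-E is required for the '|' alternation to work)
dmesg | grep -i vcn | grep -Ei 'out-of-bounds|oob'
```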

Exploit:

A local attacker submits a decoder message where the `msg` pointer is advanced past the buffer object’s end. By carefully controlling the out‑of‑bounds offset, kernel memory contents (e.g., page tables, process credentials, or other sensitive data) can be leaked. A simple proof‑of‑concept could use an AMDGPU test program or a modified `amdgpu_dec_test` to send a malformed message.

Protection:

  • Upgrade to a fixed kernel version: 6.6.140, 6.12.90, 6.18.32, 7.0.9, or later.
  • If patching is not possible, disable the `amdgpu` kernel module (only practical if AMD GPU is not required).
  • Use kernel lockdown or a security module (e.g., SELinux) to restrict access to the `/dev/dri` devices for unprivileged users.

Impact:

Successful exploitation allows an unprivileged local user to read arbitrary kernel memory, leading to information disclosure (e.g., kernel pointers, encryption keys) and potential kernel panic (denial of service). The confidentiality impact is HIGH, and the availability impact is also HIGH, making this a serious local privilege‑escalation precursor.

Sources:

Reported By: nvd.nist.gov