CVE-2026-23288 — Vulnetix

CVE-2026-23288 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset() before verifying the available slot space can result in an out-of-bounds write and memory corruption. Fix this by moving the memset() call after the size validation.

EPSS 0.02% · 6.7th percentile

Risk Scores

EPSS Score

0.02%

6.7th percentile

Affected Products

Vendor	Product	Versions
Linux	Linux	6.19.7, 0, 6.19.7
linux	linux_kernel	6.19.4, 6.19.4, 7.0-rc1

Exploit Intelligence

https://git.kernel.org/stable/c/cca770d710d5e03bc814af585cd6975eb6d74074 (circl)
https://git.kernel.org/stable/c/1110a949675ebd56b3f0286e664ea543f745801c (circl)

Timeline

Mar 25, 2026 EPSS Score
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 29, 2026 Security Advisory
Apr 2, 2026 CVE Updated
May 18, 2026 EPSS Score
May 19, 2026 EPSS Score
May 20, 2026 EPSS Score
May 21, 2026 EPSS Score
May 22, 2026 EPSS Score
May 23, 2026 EPSS Score
May 24, 2026 EPSS Score

References

https://git.kernel.org/stable/c/cca770d710d5e03bc814af585cd6975eb6d74074 url
https://git.kernel.org/stable/c/1110a949675ebd56b3f0286e664ea543f745801c url
https://nvd.nist.gov/vuln/detail/CVE-2026-23288 advisory

Open in Interactive Console →