What is CVE-2026-23424?

CVE-2026-23424 is a high-severity vulnerability in Linux. CVSS score: 7.1/10. Published 2026-04-03.

How severe is CVE-2026-23424?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Linux

CVE-2026-23424

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload doe…

EPSS: 0.000 (3.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H.

Affected products

Linux — versions aac243092b707bb3018e951d470cc1a9bcbaba6c, 6.14, 0

References

git.kernel.org/stable/c/3464e751755172ddbb849c1bd92f5f59e95c59a1
git.kernel.org/stable/c/3ed2ae6b3fe869f99b75afd02045ba5c0c0773e2
git.kernel.org/stable/c/901ec3470994006bc8dd02399e16b675566c3416

Frequently asked questions

What is CVE-2026-23424?: CVE-2026-23424 is a high-severity vulnerability in Linux. CVSS score: 7.1/10. Published 2026-04-03.
How severe is CVE-2026-23424?: High severity. CVSS v3 base score is 7.1 out of 10.