#VU124448 Out-of-bounds read in Linux kernel - CVE-2026-23390

Published: March 25, 2026


Vulnerability identifier: #VU124448
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-23390
CWE-ID: CWE-125
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software:
Linux kernel
Software vendor:
Linux Foundation

Description

The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to improper input validation in the dma_map_sg tracepoint when handling large scatter-gather lists. A local user can trigger the tracepoint with a large scatter-gather list to cause a perf buffer overflow, resulting in a denial of service.

The tracepoint is used during DMA mapping operations and can be triggered when tracing is enabled. The buffer overflow occurs because the size of the trace data exceeds the maximum allowed size in the perf buffer, leading to a kernel warning and potential system instability.
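As an added illustration (not code from this advisory, and not the kernel's own implementation), the user-space C model below shows the check that the bug class described above lacks: a trace record whose length grows with the scatter-gather list has to be sized up front, with overflow-safe arithmetic, and rejected when it does not fit the fixed-capacity buffer that receives it. The buffer capacity, header size and per-entry layout are assumed constants chosen for the model; the scatter-gather entries are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Illustrative user-space model of the bug class in the advisory: a trace
 * record whose length grows with the scatter-gather list is written into a
 * buffer with a fixed maximum size. Every constant and struct here is an
 * assumption made for the model; none is taken from the Linux kernel.
 */
#define TRACE_BUF_MAX   128u   /* assumed: capacity of the trace buffer   */
#define TRACE_HDR_BYTES 16u    /* assumed: fixed per-record header size   */

struct sg_entry {              /* assumed: bytes recorded per SG entry    */
    uint64_t dma_addr;
    uint32_t len;
    uint32_t pad;
};

/* Bytes needed to record nents entries; 0 means the arithmetic would wrap. */
static size_t trace_record_size(size_t nents)
{
    const size_t per = sizeof(struct sg_entry);
    if (nents > (SIZE_MAX - TRACE_HDR_BYTES) / per)
        return 0;
    return TRACE_HDR_BYTES + nents * per;
}

/*
 * Hardened writer: compute the record size before touching the buffer and
 * refuse anything that does not fit, instead of copying entry after entry
 * until the buffer is overrun. Returns bytes written, or -1 when rejected.
 */
static int trace_sg_checked(uint8_t *buf, size_t cap,
                            const struct sg_entry *sg, size_t nents)
{
    const size_t need = trace_record_size(nents);
    if (need == 0 || need > cap)
        return -1;
    memset(buf, 0, TRACE_HDR_BYTES);
    memcpy(buf, &nents, sizeof nents);              /* header: entry count */
    memcpy(buf + TRACE_HDR_BYTES, sg, nents * sizeof *sg);
    return (int)need;
}

/* Builds a constructed scatter-gather list of nents entries and records it. */
static int trace_sg_demo(size_t nents)
{
    enum { MAX_DEMO_ENTRIES = 64 };
    struct sg_entry sg[MAX_DEMO_ENTRIES];
    uint8_t buf[TRACE_BUF_MAX];
    size_t i;

    if (nents > MAX_DEMO_ENTRIES)
        return -2;                                   /* beyond what the demo builds */
    for (i = 0; i < nents; i++) {
        sg[i].dma_addr = 0x10000000u + i * 0x1000u;  /* constructed addresses */
        sg[i].len = 0x1000u;
        sg[i].pad = 0;
    }
    return trace_sg_checked(buf, sizeof buf, sg, nents);
}

int main(void)
{
    size_t n;
    for (n = 1; n <= 10; n++) {
        int r = trace_sg_demo(n);
        printf("%2zu entries -> %s (%zu bytes needed)\n", n,
               r < 0 ? "rejected" : "recorded", trace_record_size(n));
    }
    return 0;
}
```

With the assumed sizes, lists of up to seven entries fit in the 128-byte buffer and the eighth is rejected; the size computation also guards the multiplication itself, since an unchecked `nents * sizeof(entry)` can wrap to a small value and pass a naive comparison.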


Remediation

Install the security update from the vendor's repository.

External links