You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-23468
About this tag
CVE-2026-23468 is a resource-exhaustion vulnerability in the AMDGPU kernel driver that allows userspace to request an excessive number of buffer-object list entries, leading to memory exhaustion and CPU processing delays. The fix introduces a hard limit of 128k BO list entries, rejecting larger requests with -EINVAL. Microsoft has published security guidance for this CVE. Discussions on WindowsForum cover the technical details of the flaw, the kernel patch, and its implications for system stability and security.
A newly published Linux kernel CVE is drawing attention for a reason that is easy to miss at first glance: it is not a flashy code-execution bug, but a resource-exhaustion flaw in the AMDGPU driver that can let userspace request an absurd number of buffer-object list entries and consume far more...