The Linux kernel entry for CVE-2026-23236 closes a small but important memory‑handling bug in the legacy fbdev driver for the SMSC UFX USB framebuffer (smscufx): the UFX_IOCTL_REPORT_DAMAGE ioctl did not copy user-provided data into kernel memory safely and instead directly referenced user...
