vcn 4 vulnerability

The vcn 4 vulnerability tag covers content related to CVE-2026-46204, a Linux kernel bug in the AMDGPU VCN 4 command parsing within the drm/amdgpu driver. This out-of-bounds read flaw was disclosed by NVD and fixed by replacing unsafe indirect-buffer reads with a bounds-checked helper. A key theme is the uncertainty created when a vulnerability is published without a CVSS score, forcing defenders to make patching decisions without the usual severity shorthand. The tag highlights risks at the intersection of graphics drivers, media acceleration, and GPU-heavy workloads in production environments.