3 matches found
CVE-2026-23327
In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxlpayloadfromuserallowed cxlpayloadfromuserallowed casts and dereferences the input payload without first verifying its size. When a raw mailbox command is sent with a...
CVE-2026-23327
In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxlpayloadfromuserallowed cxlpayloadfromuserallowed casts and dereferences the input payload without first verifying its size. When a raw mailbox command is sent with a...
PT-2026-27692
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0 Description The Linux kernel contains a flaw in the cxl/mbox subsystem. Specifically, the cxl payload from user allowed function casts and dereferences input payload data without first verifying its size...