CVE-2026-23236
Published: Mar 4, 2026
Modified: Jun 2, 2026
CVSS v3.1
7.3
Description
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 061cfeb560aa3ddc174153dbe5be9d0b55eb7248affected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 6167af934f956d3ae1e06d61f45cd0d1004bbe1aaffected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < a0321e6e58facb39fe191caa0e52ed9aab6a48feaffected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 0634e8d650993602fc5b389ff7ac525f6542e141affected 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 - < 52917e265aa5f848212f60fc50fc504d8ef12866+3 more versions |
Linux | Linux | affected 3.2unaffected 0 - < 3.2unaffected 5.10.251 - <= 5.10.*unaffected 5.15.201 - <= 5.15.*unaffected 6.1.164 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now