CVE-2026-23236

HIGH 7.3

fbdev: smscufx: properly copy ioctl memory to kernelspace

CVSS Score

7.3

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Mar 4, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Linux / Linux

3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 061cfeb560aa3ddc174153dbe5be9d0b55eb7248 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 6167af934f956d3ae1e06d61f45cd0d1004bbe1a 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < a0321e6e58facb39fe191caa0e52ed9aab6a48fe 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 0634e8d650993602fc5b389ff7ac525f6542e141 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 52917e265aa5f848212f60fc50fc504d8ef12866 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 1c008ad0f0d1c1523902b9cdb08e404129677bfc 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < f1e91bd4efeae48b0f42caed7e8ce2e3a0d05b02 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 < 120adae7b42faa641179270c067864544a50ab69

Linux / Linux

3.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗