Security Vulnerability CVE-2026-46230 in AMDGPU-VCN3 Driver Endangers Video Decoders Under Linux


Igor’sLAB, Jun 15, 2026

Key Takeaways

  • CVE‑2026‑46230 targets VCN 3 decoder in RDNA2 Radeon GPUs.
  • Exploit requires local access; could leak kernel memory or cause crashes.
  • Patch adds bounds check before accessing message buffers in AMDGPU driver.
  • Related CVEs reveal similar issues across VCN 4 and SDMA subsystems.
  • Linux distributions must backport fix; cloud GPU users should prioritize update.

Pulse Analysis

The AMDGPU open‑source driver powers the video‑decode and encode engines of Radeon GPUs on Linux, with the Video Core Next 3.0 (VCN 3) block handling formats such as H.264, HEVC and AV1. A static‑analysis sweep uncovered CVE‑2026‑46230, a missing bounds check in the message‑buffer handling code. Assigned a CVSS 3.1 score of 7.1, the flaw allows a crafted user‑space request to read or write beyond the allocated buffer, potentially exposing kernel memory or triggering a system crash. The vulnerability was disclosed on 28 May 2026 and patched in the mainline kernel by inserting explicit size validation.
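The kind of size validation described above, as an added example (not code from the AMDGPU driver or the upstream patch): a message header with user-controlled offset and length fields, parsed once without checks and once with them. The struct layout and function names are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical message header (assumption for illustration; this is not
 * the real VCN message layout). All fields are user-controlled. */
struct msg_hdr {
    uint32_t type;
    uint32_t payload_off; /* payload offset from start of buffer, bytes */
    uint32_t payload_len; /* payload length, bytes */
};

/* Unchecked pattern: trusts offset and length read from the buffer, so a
 * crafted header makes the copy run past buf_size and out_size. Shown for
 * contrast only; never call it on untrusted input. */
int parse_msg_unchecked(const uint8_t *buf, size_t buf_size,
                        uint8_t *out, size_t out_size)
{
    struct msg_hdr h;
    (void)buf_size; (void)out_size;
    memcpy(&h, buf, sizeof(h));
    memcpy(out, buf + h.payload_off, h.payload_len); /* out of bounds */
    return 0;
}

/* Checked pattern: validate every size before the first access. */
int parse_msg_checked(const uint8_t *buf, size_t buf_size,
                      uint8_t *out, size_t out_size)
{
    struct msg_hdr h;

    if (buf_size < sizeof(h))            /* header must fit */
        return -EINVAL;
    memcpy(&h, buf, sizeof(h));

    if (h.payload_off < sizeof(h) || h.payload_off > buf_size)
        return -EINVAL;                  /* payload starts inside buffer */
    /* Subtract instead of adding off + len, which could wrap around. */
    if (h.payload_len > buf_size - h.payload_off)
        return -EINVAL;                  /* payload ends inside buffer */
    if (h.payload_len > out_size)        /* destination must fit too */
        return -EINVAL;

    memcpy(out, buf + h.payload_off, h.payload_len);
    return (int)h.payload_len;
}
```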

While the attack vector requires local privileges (typically a compromised user process), the impact is significant for multi‑tenant environments such as cloud GPU passthrough or shared workstations. An attacker who can inject a malformed buffer could extract sensitive kernel data or destabilize the host, a scenario that mirrors recent AMDGPU issues like CVE‑2026‑46199 and CVE‑2026‑46204 affecting the newer VCN 4 engine, as well as an SDMA fence bug (CVE‑2026‑46220). The clustering of these bugs suggests that legacy driver code is being reused across generations without consistent hardening, exposing a systemic validation gap.

Administrators should verify that their distributions have incorporated the upstream patch, either through the latest stable kernel or backported updates for long‑term‑support releases. Cloud providers and enterprises running GPU‑accelerated workloads ought to prioritize the update, given the higher likelihood of untrusted local access. The episode also underscores the value of automated static analysis in the open‑source ecosystem; finding flaws before they are weaponized reduces exposure and forces vendors to address deep‑seated code‑reuse issues. Ongoing scrutiny of AMDGPU’s video pathways will be essential as newer hardware generations roll out.
