CVE-2026-23236: fbdev: smscufx: properly copy ioctl memory to kernelspace

CVSS 7.3 · High · EPSS 0.01% · P2

Affected Version Matrix 18


I. Basic Information for CVE-2026-23236

Vulnerability Information


Vulnerability Title
fbdev: smscufx: properly copy ioctl memory to kernelspace
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

fbdev: smscufx: properly copy ioctl memory to kernelspace

The UFX_IOCTL_REPORT_DAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid data is passed from userspace. Fix this all up by correctly copying the memory before accessing it within the kernel.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel security vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
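The Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA). The Linux kernel contains a security vulnerability that stems from the UFX_IOCTL_REPORT_DAMAGE ioctl not copying memory correctly, which may cause kernel space to access invalid data.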
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

| Vendor | Product | Affected Versions | CPE |
|---|---|---|---|
| Linux | Linux | 3c8a63e22a0802fd56380f6ab305b419f18eb6f5 ~ 061cfeb560aa3ddc174153dbe5be9d0b55eb7248 | - |
| Linux | Linux | 3.2 | - |

II. Public POCs for CVE-2026-23236

No public POC found.

III. Intelligence Information for CVE-2026-23236

Same Patch Batch · Linux · 2026-03-04 · 9 CVEs total

CVE-2026-23231 (7.8 HIGH): netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
CVE-2026-23238: romfs: check sb_set_blocksize() return value
CVE-2026-23237: platform/x86: classmate-laptop: Add missing NULL pointer checks
CVE-2026-23235: f2fs: fix out-of-bounds access in sysfs attribute read/write
CVE-2026-23234: f2fs: fix to avoid UAF in f2fs_write_end_io()
CVE-2026-23233: f2fs: fix to avoid mapping wrong physical block for swapfile
CVE-2026-23232: Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()"
CVE-2025-71238: scsi: qla2xxx: Fix bsg_done() causing double free

IV. Related Vulnerabilities
