Eloi Sanfelix

**Name of the Vulnerable Software and Affected Versions** Linux Kernel versions prior to 5.19-rc4 **Description** A flaw was found in the Linux kernel's udmabuf device driver, specifically within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. The vulnerability can be exploited by a user in the kvm group. **Recommendations** For Linux Kernel versions prior to 5.19-rc4, update to version 5.19-rc4 or later to resolve the issue. As a temporary workaround, consider restricting access to the /dev/udmabuf device to minimize the risk of exploitation. Avoid using the udmabuf device driver until the issue is resolved.