Linux Kernel Vulnerability in Phonet Socket Handling
CVE-2026-53292
Currently unrated
What is CVE-2026-53292?
A vulnerability in the Linux kernel's Phonet socket handling can lead to kernel panics when specific error conditions are met during socket binding. The function pn_socket_autobind() mistakenly triggers a BUG_ON assertion when it encounters an invalid bind error while the socket appears unbound. This could allow a user to trigger a crash where the kernel should instead return a standard error code. Changing the error handling lets the kernel handle this erroneous state gracefully, preserving system stability and preventing unexpected crashes.
Affected Version(s)
Linux ba113a94b7503ee23ffe819e7045134b0c1d31de < 6db58ee730bf434d1afca91b91826e26688856ed
Linux ba113a94b7503ee23ffe819e7045134b0c1d31de < 5b0c911bcdbd982f7748d11c0b39ec5808eae2de
Linux 2.6.28