Linux Kernel Vulnerability in ENETC Driver Related to DMA Buffer Management
CVE-2026-53300
What is CVE-2026-53300?
A vulnerability in the Linux kernel's ENETC driver has been identified, involving a potential DMA use-after-free condition which could lead to silent memory corruption. The issue arises when a timeout occurs in the netc_xmit_ntmp_cmd() function without explicitly aborting the pending command. If the DMA buffer is freed and reallocated by another process, a subsequent write operation could corrupt the memory. Recent patches have addressed this by transitioning locks to a mutex from a spinlock, implementing software command buffers to track DMA buffer lifecycles, and ensuring locks are held during command executions to prevent premature buffer reclamation. These enhancements prioritize the consistent management of DMA buffers and eliminate the use-after-free risk.
Affected Version(s)
Linux 4701073c3debd16d7f534f3eb808bd9b50601c0c < 37c8933064be714ee672b0a0523c2fd045b73b3d
Linux 4701073c3debd16d7f534f3eb808bd9b50601c0c < 655d9ce9b1d3db0aa5271acb5e5101c66bd0d58b
Linux 4701073c3debd16d7f534f3eb808bd9b50601c0c < 3cade698881eb238f88cbbfec82acc2110440a3f