Off-by-One Vulnerability in Linux Kernel's HVC IUCV Driver
CVE-2026-53306
Currently unrated
What is CVE-2026-53306?
The Linux kernel's hvc_iucv driver contains an off-by-one error that can allow improper, out-of-bounds access to the hvc_iucv_table array. The maximum number of lines is specified by MAX_HVC_IUCV_LINES, but a mistake in the check on the device counter lets an index equal to the counter through. When hvc_iucv_devices equals eight, control flow incorrectly allows access to hvc_iucv_table[8], creating a security risk. This flaw has been addressed in subsequent kernel updates.
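The following is an added, simplified model of the bounds check described above, not the kernel's code. The names lookup_buggy, lookup_fixed, setup, line_priv and adjacent are hypothetical, the value 8 for MAX_HVC_IUCV_LINES is assumed from the hvc_iucv_table[8] case, and the table is given one extra slot so the bad index can be observed without real out-of-bounds access.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_HVC_IUCV_LINES 8   /* assumed from the advisory: valid indexes 0..7 */

struct line_priv { int id; };  /* constructed stand-in for per-line state */

static struct line_priv lines[MAX_HVC_IUCV_LINES];
/* Slot 8 models whatever sits after the real array in memory. */
static struct line_priv *table[MAX_HVC_IUCV_LINES + 1];
static struct line_priv adjacent = { -1 };
static unsigned int devices;   /* models hvc_iucv_devices */

static void setup(unsigned int n)
{
    devices = n;
    for (unsigned int i = 0; i < MAX_HVC_IUCV_LINES; i++) {
        lines[i].id = (int)i;
        table[i] = i < n ? &lines[i] : NULL;
    }
    table[MAX_HVC_IUCV_LINES] = &adjacent;
}

/* Off-by-one: '>' lets num == devices through to the table access. */
static struct line_priv *lookup_buggy(unsigned int num)
{
    if (num > devices)
        return NULL;
    return table[num];
}

/* Corrected: a valid index is strictly below the device count. */
static struct line_priv *lookup_fixed(unsigned int num)
{
    if (num >= devices)
        return NULL;
    return table[num];
}

int main(void)
{
    setup(MAX_HVC_IUCV_LINES);
    printf("buggy(8): %s\n", lookup_buggy(8) ? "entry returned" : "NULL");
    printf("fixed(8): %s\n", lookup_fixed(8) ? "entry returned" : "NULL");
    return 0;
}
```

With all eight lines registered, the buggy comparison hands back the slot past the last valid entry, while the strict comparison rejects it.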
Affected Version(s)
Linux 44a01d5ba8a4d543694461cd3e178cfa6b3f221b < 3d3b89e6ab93bdd0efd45828bda6b0e61cc46dff
Linux 44a01d5ba8a4d543694461cd3e178cfa6b3f221b < 484357dff256c816d9466bda35eb765685e4dc86
Linux 44a01d5ba8a4d543694461cd3e178cfa6b3f221b < 11207e42a332eb8bbcb9fe74df9edd2a807c5607