Linux Kernel Vulnerability in Mana Driver Affecting DebugFS Directory Naming
CVE-2026-53324

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-53324?

The vulnerability in the Linux kernel's Mana driver pertains to the improper naming of debugfs directories, which can lead to operational inconsistencies. Previously, the use of hardcoded values for device naming created instances of NULL pointer dereference when dealing with Virtual Functions (VFs), especially in configurations such as generic VFIO passthrough or nested KVM. Additionally, multiple Physical Functions (PFs) would inadvertently share the name '0', complicating directory management and resulting in errors when creating directories. The recommended change to use pci_name(pdev) guarantees a unique and valid directory name across the system, thus preventing potential operational failures.

Affected Version(s)

Linux 6607c17c6c5e029da03a90085db22daf518232bf < 34dbd7b819544c99c9d96b400fe4db613f40ac4b

Linux 6607c17c6c5e029da03a90085db22daf518232bf < 9211eb97e8f8c28bf9313ab97862d143dbbbef97

Linux 6607c17c6c5e029da03a90085db22daf518232bf

References

https://git.kernel.org/stable/c/34dbd7b819544c99c9d96b400...

https://git.kernel.org/stable/c/9211eb97e8f8c28bf9313ab97...

https://git.kernel.org/stable/c/c116f07ab9d22bb6f355f3cf9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53324 Data

JSON