Buffer Overflow Vulnerability in Linux Kernel Affecting RDMA Drivers
CVE-2026-53371

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
19 July 2026

What is CVE-2026-53371?

A vulnerability exists in the Linux kernel related to the RDMA subsystem, where the node_desc field may not be properly NUL-terminated. The issue arises when data written to node_desc sysfs file exceeds 64 bytes without a NUL byte, leading to the potential for unbounded reads across adjacent memory fields. Specifically, the ionic hca_type_show() handler's use of an unbounded format specifier does not enforce boundaries, creating a risk that can be exploited via userspace interactions. This vulnerability reveals underlying risks associated with how input data is handled in system interfaces, necessitating careful validation mechanisms.

Affected Version(s)

Linux 2075bbe8ef03914aa2211035eec45d1d3a5c4ff2 < 61df14f306f153bffa2f3c74a94ff5a85c99fa39

Linux 2075bbe8ef03914aa2211035eec45d1d3a5c4ff2

Linux 2075bbe8ef03914aa2211035eec45d1d3a5c4ff2 < 654a27f25530d052eeedf086e6c3e2d585c203bd

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.