CVE-2026-52979

UNKNOWN 0.0

net: psp: check for device unregister when creating assoc

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc psp_assoc_device_get_locked() obtains a psp_dev reference via psp_dev_get_for_sock() (which uses psp_dev_tryget() under RCU); it then acquires psd->lock and drops the reference. Before the lock is taken, psp_dev_unregister() can run to completion: take psd->lock, clear out state, unlock, drop the registration reference. The expectation is that the lock prevents device unregistration, but much like with netdevs special care has to be taken when "upgrading" a reference to a locked device. Add the missing check if device is still alive. psp_dev_is_registered() exists already but had no callers, which makes me wonder if I either forgot to add this or lost the check during refactoring...

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

6b46ca260e2290e3453d1355ab5b6d283d73d780 < d90df5ce6deb2424de3ad89bcc693ac1b67accc9 6b46ca260e2290e3453d1355ab5b6d283d73d780 < e201c57073e624dd2ba5beaf9eda31e19b77b332 6b46ca260e2290e3453d1355ab5b6d283d73d780 < b89769f936a8fa9e66de72ddc1b71a9745a488e6

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/d90df5ce6deb2424de3ad89bcc693ac1b67accc9 git.kernel.org: https://git.kernel.org/stable/c/e201c57073e624dd2ba5beaf9eda31e19b77b332 git.kernel.org: https://git.kernel.org/stable/c/b89769f936a8fa9e66de72ddc1b71a9745a488e6