CVE-2026-53118

UNKNOWN 0.0

vdpa: use generic driver_override infrastructure

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: vdpa: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' match() callback is called without the device lock held, thus accessing the driver_override field without a lock, which can cause a UAF. Fix this by using the driver-core driver_override infrastructure taking care of proper locking internally. Note that calling match() from __driver_attach() without the device lock held is intentional. [1]

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

539fec78edb4e084e7c532affc56cc42d4ceea4b < 654ef9c33e138ede6734ac286282df9faf83cd11 539fec78edb4e084e7c532affc56cc42d4ceea4b < fb5cb4913ce333cc4647722e8c2b8378e12f2464 539fec78edb4e084e7c532affc56cc42d4ceea4b < 85bb534ff12aab6916058897b39c748940a7a4c6

Linux / Linux

5.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/654ef9c33e138ede6734ac286282df9faf83cd11 git.kernel.org: https://git.kernel.org/stable/c/fb5cb4913ce333cc4647722e8c2b8378e12f2464 git.kernel.org: https://git.kernel.org/stable/c/85bb534ff12aab6916058897b39c748940a7a4c6