CVE-2026-53149

UNKNOWN 0.0

thunderbolt: Bound root directory content to block size

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size __tb_property_parse_dir() does not check that content_offset + content_len fits within block_len for the root directory case. When rootdir->length equals or exceeds block_len - 2, the entry loop reads past the allocated property block. Add a bounds check after computing content_offset and content_len to reject directories whose content extends past the block.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 5c7657d38d07268124782f03519f07c22a5814fb cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < b212bc161d8a9937b42153723a4a3f2f74fab528 cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 1912be23daf4afc8d24ce916021ab68ca4c679db cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 4d0b1524caadb04c10a71f3f88692c63dcb39115 cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 0a32040a48db8cf35de48b85d6115df5623e4964 cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 60ba6217460792356a238299edd675d91d46bab4 cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < cbeb68cbaa0a6f979ef428a7f2d0268c082ba166 cdae7c07e3e3509eaabc18c1640a55dc5b99c179 < 65423079c7420e3dbf9a7aa345c243a3f5752e5d

Linux / Linux

4.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗