CVE-2026-53187

UNKNOWN 0.0

RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc The cpu_id attribute supplied by user space through UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed directly to cpumask_test_cpu() without first verifying that the value is within the valid CPU range. Passing such untrusted data to cpumask_test_cpu() may lead to an out-of-bounds read of the underlying cpumask bitmap: the helper expands to a test_bit() that indexes the bitmap by cpu_id / BITS_PER_LONG with no bound check. In addition, on kernels built with CONFIG_DEBUG_PER_CPU_MAPS it trips the WARN_ON_ONCE() in cpumask_check(); combined with panic_on_warn this turns a bad user input into a machine reboot. Reject any cpu_id that is not smaller than nr_cpu_ids with -EINVAL before it is used. Reported by Smatch.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d83edab562a496a42720902a1d2effccd05c37c5 < bd5e818be7964c1689fba2dad9e6bd3a827fee74 d83edab562a496a42720902a1d2effccd05c37c5 < 0efbb6b54ff56300867027d8e0800d0e32226a20 d83edab562a496a42720902a1d2effccd05c37c5 < 323c98a4ff06aa28114f2bf658fb43eb3b536bbc

Linux / Linux

6.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/bd5e818be7964c1689fba2dad9e6bd3a827fee74 git.kernel.org: https://git.kernel.org/stable/c/0efbb6b54ff56300867027d8e0800d0e32226a20 git.kernel.org: https://git.kernel.org/stable/c/323c98a4ff06aa28114f2bf658fb43eb3b536bbc