CVE-2026-53118

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2026-53118
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53118.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-53118
Downstream
Published
2026-06-24T16:30:49.308Z
Modified
2026-06-25T04:05:22.326701237Z
Summary
vdpa: use generic driver_override infrastructure
Details

In the Linux kernel, the following vulnerability has been resolved:

vdpa: use generic driver_override infrastructure

When a driver is probed through __driverattach(), the bus' match() callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause a UAF.

Fix this by using the driver-core driver_override infrastructure taking care of proper locking internally.

Note that calling match() from _driverattach() without the device lock held is intentional. [1]

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53118.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
539fec78edb4e084e7c532affc56cc42d4ceea4b
Fixed
654ef9c33e138ede6734ac286282df9faf83cd11
Fixed
fb5cb4913ce333cc4647722e8c2b8378e12f2464
Fixed
85bb534ff12aab6916058897b39c748940a7a4c6

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53118.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
6.18.33
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53118.json"