CVE-2026-52983

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: airoha: fix BQL imbalance in TX path

Fix a possible BQL imbalance in airoha_dev_xmit(), where inflight packets are accounted only for the AIROHA_NUM_TX_RING netdev TX queues. The queue index is computed as:

qid = skb_get_queue_mapping(skb) % ARRAY_SIZE(qdma->q_tx)
txq = netdev_get_tx_queue(dev, qid);

However, airoha_qdma_tx_napi_poll() accounts completions across all netdev TX queues (num_tx_queues), leading to inconsistent BQL accounting.

Also reset all netdev TX queues in the ndo_stop callback.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1d304174106c93ce05f6088813ad7203b3eb381a < aaad53a55812acd2355c0e5478896381e78b0110affected
LinuxLinux1d304174106c93ce05f6088813ad7203b3eb381a < ded2694247a55a16d0ebbe2d6f9139305c21457aaffected
LinuxLinux1d304174106c93ce05f6088813ad7203b3eb381a < 2d9f5a118205da2683ffcec78b9347f1f01a820eaffected
LinuxLinuxca24fcac1daaa5e8a667981d81986a3eb4b9fb04affected
LinuxLinux6.12.91 < 6.13affected
LinuxLinux6.13affected
LinuxLinux0 < 6.13unaffected
LinuxLinux6.18.33 <= 6.18.*unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References