CVE-2026-53188

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/core: Validate the passed in fops for ib_get_ucaps()

Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same dev_t it can masquerade as a ucap cdev fd.

Test the f_ops to only accept authentic cdevs.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux61e51682816d395307f78ae06d640089054c28ab < 96b6e98ff12d50ed5817230c6f1188e1150d225daffected
LinuxLinux61e51682816d395307f78ae06d640089054c28ab < aa181287ebdcc53ee0ba5c2f8243e2d541ebc19baffected
LinuxLinux61e51682816d395307f78ae06d640089054c28ab < 4a1b1ac2744694a2ecd66a84bdb1445f4ef24beeaffected
LinuxLinux6.15affected
LinuxLinux0 < 6.15unaffected
LinuxLinux6.18.36 <= 6.18.*unaffected
LinuxLinux7.0.13 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References