-

CVE-2026-53117

s390/cio: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved:

s390/cio: use generic driver_override infrastructure

When a driver is probed through __driver_attach(), the bus' match()
callback is called without the device lock held, thus accessing the
driver_override field without a lock, which can cause a UAF.

Fix this by using the driver-core driver_override infrastructure taking
care of proper locking internally.

Note that calling match() from __driver_attach() without the device lock
held is intentional. [1]
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version ebc3d179150347f3b6d97d8f249378bb2218f95e
Version < c4295487124f461405e1ef64dfa8c4ab0cb7ebcf
Status affected
Version ebc3d179150347f3b6d97d8f249378bb2218f95e
Version < 106d594711e97762788046c5bbb94f580abc4bf4
Status affected
Version ebc3d179150347f3b6d97d8f249378bb2218f95e
Version < 2081957d8c323ffb58a10bc64837717ac5a042a1
Status affected
Version ebc3d179150347f3b6d97d8f249378bb2218f95e
Version < b660ba045b2b22cf3b4be72773de00cb48f47be5
Status affected
Version ebc3d179150347f3b6d97d8f249378bb2218f95e
Version < ac4d8bb6e2e13e8684a76ea48d13ebaaaf5c24c4
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.3
Status affected
Version 0
Version < 5.3
Status unaffected
Version <= 6.6.*
Version 6.6.141
Status unaffected
Version <= 6.12.*
Version 6.12.91
Status unaffected
Version <= 6.18.*
Version 6.18.33
Status unaffected
Version <= 7.0.*
Version 7.0.10
Status unaffected
Version <= *
Version 7.1
Status unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.067
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/c4295487124f461405e1ef64dfa8c4ab0cb7ebcf
https://git.kernel.org/stable/c/106d594711e97762788046c5bbb94f580abc4bf4
https://git.kernel.org/stable/c/2081957d8c323ffb58a10bc64837717ac5a042a1
https://git.kernel.org/stable/c/b660ba045b2b22cf3b4be72773de00cb48f47be5
https://git.kernel.org/stable/c/ac4d8bb6e2e13e8684a76ea48d13ebaaaf5c24c4