CVE-2026-53146

Source
https://cve.org/CVERecord?id=CVE-2026-53146
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53146.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53146
Downstream
Related
Published
2026-06-25T08:38:32.877Z
Modified
2026-07-08T08:09:45.923372690Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
Summary
thunderbolt: Limit XDomain response copy to actual frame size
Details

In the Linux kernel, the following vulnerability has been resolved:

thunderbolt: Limit XDomain response copy to actual frame size

tbxdomaincopy() copies req->response_size bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the valid frame data in the DMA pool buffer into stale contents from previous transactions.

Use the minimum of frame size and expected response size for the copy length.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53146.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
cdae7c07e3e3509eaabc18c1640a55dc5b99c179
Fixed
c55da494dfb445fb28df3a9d293c2be6a299cd01
Fixed
7720654b4842bcdfeb64bc002f6186041849e1e7
Fixed
033dfa63bf6be2653441a1dccae4a8313a91bb9d
Fixed
fc261397295b8ad0654cec747b0ec25ea0011995
Fixed
a15b6d3136accb2bf84b04d9a3ddd991f7fbf1cb
Fixed
b5daa920f44cb582272fc9bfaeb67408776cbaef
Fixed
b2c1e5d9f1598cc1a4736d5c6bd1218f90805ee4
Fixed
4db2bd2ed4785dbadaeeab9f4e346b21ac5fb8eb

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53146.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
5.10.259
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.210
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.176
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.143
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.94
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.36
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53146.json"