In the Linux kernel, the following vulnerability has been resolved:
RDMA/core: Validate the passed in fops for ibgetucaps()
Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same dev_t it can masquerade as a ucap cdev fd.
Test the f_ops to only accept authentic cdevs.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53188.json",
"cna_assigner": "Linux"
}