CVE-2026-53205

Source
https://cve.org/CVERecord?id=CVE-2026-53205
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53205.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53205
Downstream
Related
Published
2026-06-25T08:39:12.268Z
Modified
2026-07-08T08:12:41.375864800Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
accel/ivpu: Add bounds checks for firmware log indices
Details

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Add bounds checks for firmware log indices

Add validation that read and write indices in the firmware log buffer are within valid bounds (< data_size) before using them. If out-of-bounds indices are encountered (from firmware), clamp them to safe values instead of proceeding with invalid offsets.

This prevents potential out-of-bounds buffer access when firmware supplies invalid log indices.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53205.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0923a7d55a85179744926b7c11768a81679cc4d4
Fixed
5961c703414048f46818be8bbb11075a9a63fb4e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4
Fixed
8ec70c0dbdf04392a26e03e38798a373934177be
Fixed
535da9ad8420c3b686a642403d4147ff220255fd
Fixed
dd1311bcf0e62f0c515115f46a3813370f4a4bb1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6.12.30
Fixed
6.12.94

Affected versions

v6.*
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.55
v6.12.56
v6.12.57
v6.12.58
v6.12.59
v6.12.60
v6.12.61
v6.12.62
v6.12.63
v6.12.64
v6.12.65
v6.12.66
v6.12.67
v6.12.68
v6.12.69
v6.12.70
v6.12.71
v6.12.72
v6.12.73
v6.12.74
v6.12.75
v6.12.76
v6.12.77
v6.12.78
v6.12.79
v6.12.80
v6.12.81
v6.12.82
v6.12.83
v6.12.84
v6.12.85
v6.12.86
v6.12.87
v6.12.88
v6.12.89
v6.12.90
v6.12.91
v6.12.92
v6.12.93

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53205.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.12.94
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.36
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53205.json"