In the Linux kernel, the following vulnerability has been resolved:
net: mana: Use pci_name() for debugfs directory naming
Use pciname(pdev) for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislot_name(pdev->slot) for VFs. The previous approach had two issues:
pcislotname() dereferences pdev->slot, which can be NULL for VFs in environments like generic VFIO passthrough or nested KVM, causing a NULL pointer dereference.
Multiple PFs would all use "0", and VFs across different PCI domains or buses could share the same slot name, leading to -EEXIST errors from debugfscreatedir().
pci_name(pdev) returns the unique BDF address, is always valid, and is unique across the system.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53324.json",
"cna_assigner": "Linux"
}