CVE-2026-53336

Source
https://cve.org/CVERecord?id=CVE-2026-53336
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53336.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53336
Downstream
Published
2026-07-01T13:32:18.489Z
Modified
2026-07-08T08:13:44.354349300Z
Summary
nvmem: layouts: onie-tlv: fix hang on unknown types
Details

In the Linux kernel, the following vulnerability has been resolved:

nvmem: layouts: onie-tlv: fix hang on unknown types

The EEPROM on my board has a vendor specific entry of type 0x41. When stumbling upon that, this driver hangs in an endless loop.

Fix it by keep incrementing the offset on unknown entries, so the loop will eventually stop.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53336.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d3c0d12f6474216bf386101e2449cc73e5c5b61d
Fixed
033d498b0f473c6456be5f885be172024ad84972
Fixed
fd47edeabadfaa75422009dc5894e92c4c697517
Fixed
4a4d21f531ccf5bb333d99b620e0d66551f3652c
Fixed
4f27eb01619c36cc8e3ce9a2a9af97f145f5d1c6
Fixed
ea41020b9018e31c2ea7e9d89021e3e6d7470883

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53336.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.6.143
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.94
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.36
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.13

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53336.json"