CVE-2026-53149
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk7th percentile — higher than 7% of all known CVEs
Summary
In the Linux kernel's Thunderbolt driver, a vulnerability was found due to missing bounds check for root directory content offset and length against block size. This can cause out-of-bounds memory read when processing properties.
Risk Assessment
An attacker could exploit this vulnerability to read memory beyond allocated bounds, potentially leading to information disclosure or system instability.
Recommendation
Immediately update the Linux kernel to a version containing the fix that adds bounds validation for the root directory in the Thunderbolt driver.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size __tb_property_parse_dir() does not check that content_offset + content_len fits within block_len for the root directory case. When rootdir->length equals or exceeds block_len - 2, the entry loop reads past the allocated property block. Add a bounds check after computing content_offset and content_len to reject directories whose content extends past the block.

