CVE Catalog

CVE-2026-53188

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

3th percentile — higher than 3% of all known CVEs

Summary

In the Linux kernel RDMA/core component, a vulnerability was found due to missing validation of the file operations structure (fops) in the ib_get_ucaps() function. An attacker can use a block device with the same device number (dev_t) to impersonate a legitimate ucap cdev device.

Risk Assessment

The risk involves potential privilege escalation or system integrity compromise by impersonating a trusted RDMA device, which could lead to unauthorized access to kernel memory or other resources.

Recommendation

Apply the security patch provided by the Linux kernel distributor for affected versions immediately. A system reboot is required after the update.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_ucaps() Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same dev_t it can masquerade as a ucap cdev fd. Test the f_ops to only accept authentic cdevs.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS