CVE-2026-53203
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk5th percentile — higher than 5% of all known CVEs
Summary
In the Linux kernel, a buffer overflow check was added in the accel/ivpu driver's get_info_ioctl function. Missing validation of the size returned by firmware could lead to copying data beyond the allocated buffer.
Risk Assessment
The organization faces potential data integrity violation or system crash due to improper buffer copying. An attacker with local access could exploit this vulnerability for privilege escalation or driver destabilization.
Recommendation
Immediately update the Linux kernel to a version containing the fix for CVE-2026-53203. Monitor official security advisories from your Linux distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS get_info_ioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size larger than the buffer, reject the operation with -EOVERFLOW instead of proceeding with an incorrect buffer copy.

