CVE-2026-53295
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
A sanity check for the channel array was added in the Linux kernel mailbox driver. Without it, a missing channel array could cause a NULL pointer dereference and kernel OOPS, especially during early initialization.
Risk Assessment
The organization risks system crashes (kernel panic) during mailbox driver initialization, potentially disrupting critical services or causing data loss.
Recommendation
Immediately update the Linux kernel to a version containing this fix (commit adding the sanity check). Monitor official security advisories from your Linux distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers might instantiate very early. Remove the comment explaining the obvious while here.

