SB2026062572 - Use of Uninitialized Variable in Linux kernel net hamradio driver
Published: June 25, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Use of Uninitialized Variable (CVE-ID: CVE-2026-53082)
CWE-ID: CWE-457 - Use of Uninitialized Variable
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an uninitialized value read in sixpack_receive_buf() and sixpack_decode() in the 6pack hamradio driver when processing TTY input with error-flagged bytes. A local user can supply crafted input containing TTY error conditions to cause a denial of service.
The issue occurs because bytes marked with TTY error flags are not skipped correctly before decoding.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1d3abf0c3ddeefc6f6d913aa129acc06fce8240a
- https://git.kernel.org/stable/c/2951656b0de00153f2687f3a093890bce72b6215
- https://git.kernel.org/stable/c/578f3aba427c938fecfa0d8c83d9acb213a9b24a
- https://git.kernel.org/stable/c/987af7625ceb1ee59d70eb0abd7af11c75e45d79
- https://git.kernel.org/stable/c/bf9a38803b2626b01cc769aaf13485d8650f576f
- https://git.kernel.org/stable/c/d4cceb5184538613572fb79319453f281b1eeacb
- https://git.kernel.org/stable/c/d9ce2a4b679122397d7f35bad7be46913ad1ca80
- https://git.kernel.org/stable/c/e9cf4018d74237d142cd66243c821d13593270f0