SB20260626158 - Out-of-bounds write in Linux kernel USB serial driver
Published: June 26, 2026
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds write (CVE-ID: CVE-2026-53194)
CWE-ID: CWE-787 - Out-of-bounds write
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds write in klsi_105_prepare_write_buffer() when processing writes to the tty device. A local user can write bulk_out_size or more bytes to the tty to cause a denial of service.
The issue is triggered when the write fifo holds at least the full bulk-out buffer size, causing data to be copied starting two bytes into a 64-byte buffer.
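The length arithmetic described above, as an added user-space model in C (not the kernel driver's code and not the upstream patch). The 64-byte size and the two-byte offset come from the bulletin; the function names, the role of the two header bytes and the canary guard area are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BULK_OUT_SIZE 64  /* buffer size given in the bulletin */
#define HDR_LEN 2         /* payload starts two bytes in; header role is an assumption */
#define GUARD_LEN 8       /* constructed canary area standing in for adjacent memory */
#define CANARY 0xA5
typedef size_t (*prepare_fn)(uint8_t *dest, size_t size, const uint8_t *fifo, size_t fifo_len);

/* Copies at most `limit` queued bytes to dest + HDR_LEN and stores the count in the header. */
static size_t copy_with_limit(uint8_t *dest, const uint8_t *fifo, size_t fifo_len, size_t limit)
{
    size_t count = fifo_len < limit ? fifo_len : limit;
    memcpy(dest + HDR_LEN, fifo, count);
    dest[0] = (uint8_t)(count & 0xff);  /* assumed little-endian length header */
    dest[1] = (uint8_t)(count >> 8);
    return count + HDR_LEN;
}

/* "Before" model: the limit is the whole buffer although writing starts at HDR_LEN. */
static size_t prepare_unchecked(uint8_t *dest, size_t size, const uint8_t *fifo, size_t fifo_len)
{
    return copy_with_limit(dest, fifo, fifo_len, size);
}

/* Hardened model: reserve the header bytes before computing the copy limit. */
static size_t prepare_bounded(uint8_t *dest, size_t size, const uint8_t *fifo, size_t fifo_len)
{
    return size < HDR_LEN ? 0 : copy_with_limit(dest, fifo, fifo_len, size - HDR_LEN);
}

/* Runs one variant inside a padded arena; returns how many guard bytes it overwrote. */
static size_t guard_bytes_clobbered(prepare_fn fn, size_t fifo_len)
{
    uint8_t arena[BULK_OUT_SIZE + GUARD_LEN], fifo[256];
    size_t i, hit = 0;
    if (fifo_len > sizeof fifo) fifo_len = sizeof fifo;
    memset(arena, CANARY, sizeof arena);
    memset(fifo, 0x41, sizeof fifo);    /* constructed payload bytes */
    fn(arena, BULK_OUT_SIZE, fifo, fifo_len);
    for (i = BULK_OUT_SIZE; i < sizeof arena; i++)
        hit += arena[i] != CANARY;
    return hit;
}

int main(void)
{
    printf("guard bytes overwritten: unchecked=%zu bounded=%zu\n",
           guard_bytes_clobbered(prepare_unchecked, 64), guard_bytes_clobbered(prepare_bounded, 64));
}
```

The arena is a single array, so the model's overrun lands in the guard bytes rather than in undefined territory; the same canary check works as a unit test for any header-plus-payload packing routine.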
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/0a57320f71941d4e0b1307453c9a1f0939afe666
- https://git.kernel.org/stable/c/14147b7963685957839c76ba8094924e22777d79
- https://git.kernel.org/stable/c/372f33ebed747d91870f57c0a2e62884a870bffa
- https://git.kernel.org/stable/c/60af1fd82983c26604102e63a3fcc822c186cceb
- https://git.kernel.org/stable/c/70d86e355c564b5510fde61361df014f5476c83e
- https://git.kernel.org/stable/c/96d47e40bf9db4a9efd5c8fb53287a508d165f14
- https://git.kernel.org/stable/c/a1288cd700f721c1a119c4f1e8efa234e59caada
- https://git.kernel.org/stable/c/bde742b076cbe26ecc89c8c68c76ae076a524d02