SB20260626159 - Heap-based buffer overflow in Linux kernel usb serial driver

Published: June 26, 2026

Security Bulletin ID: SB20260626159
CSH Severity: Low
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Local access
Highest impact: Denial of service

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 1 vulnerability.


1) Heap-based buffer overflow (CVE-ID: CVE-2026-53195)

CWE-ID: CWE-122 - Heap-based Buffer Overflow

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local user to cause a denial of service.

The vulnerability exists due to a heap-based buffer overflow in build_i2c_fw_hdr() in the io_ti USB serial driver when parsing a crafted firmware file. A local user can supply a firmware image with an oversized Length field to cause a denial of service.

The issue arises because the Length field from the firmware image is not validated against the available destination buffer space before copying.
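The missing validation described above, as an added illustration in C that is not the kernel's own code: a hypothetical firmware image whose header carries a little-endian 16-bit Length field is checked against both the payload bytes actually present in the image and the capacity of the heap destination buffer before anything is copied. The header layout, buffer size, sample images and function names are assumptions, not taken from the io_ti driver.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Assumed image layout (not the driver's real structures): the first two
 * bytes hold a little-endian Length, two more header bytes follow, then the
 * payload. Copying `Length` bytes straight into a fixed-size heap buffer
 * without the checks below is the pattern the advisory describes. */
#define FW_HDR_LEN    4    /* header bytes preceding the payload */
#define DEST_CAPACITY 64   /* assumed size of the destination buffer */

static uint16_t read_le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Validate the untrusted Length before any copy. Returns 0 and stores the
 * accepted length in *out_len, or -1 if the image is truncated, Length
 * exceeds the payload present, or Length exceeds the destination. */
int check_fw_length(const uint8_t *fw, size_t fw_size,
                    size_t dest_capacity, size_t *out_len)
{
    if (fw_size < FW_HDR_LEN)
        return -1;                       /* no complete header to trust */
    size_t len = read_le16(fw);
    if (len > fw_size - FW_HDR_LEN)
        return -1;                       /* would read past the image */
    if (len > dest_capacity)
        return -1;                       /* would write past the buffer */
    *out_len = len;
    return 0;
}

/* Hardened copy: only runs memcpy() with a Length that passed the check.
 * Returns the number of bytes copied, or -1 when the image is rejected. */
int copy_fw_checked(const uint8_t *fw, size_t fw_size,
                    uint8_t *dest, size_t dest_capacity)
{
    size_t len;
    if (check_fw_length(fw, fw_size, dest_capacity, &len) != 0)
        return -1;
    memcpy(dest, fw + FW_HDR_LEN, len);
    return (int)len;
}

/* Constructed sample images (not real firmware). good_fw declares an
 * 8-byte payload and carries one; bad_fw declares 65535 bytes but is
 * only 6 bytes long, so the unchecked pattern would overrun the buffer. */
static const uint8_t good_fw[] = { 0x08, 0x00, 0x01, 0x02,
                                   'p', 'a', 'y', 'l', 'o', 'a', 'd', '!' };
static const uint8_t bad_fw[]  = { 0xFF, 0xFF, 0x01, 0x02, 'x', 'x' };
```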


Remediation

Install the update from the vendor's website.