Improper access control in Linux kernel - CVE-2026-53077
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper restriction of operations in RDS/IB transport selection and address checking when using RDS/IB from a non-initial network namespace. A local user can select the RDS/IB transport from a non-initial network namespace to cause a denial of service.
The issue is specific to use of RDS/IB outside the initial network namespace.
How to mitigate CVE-2026-53077
Sources
- https://git.kernel.org/stable/c/07035306bf722f4676a1aee35cbeb3732c76194e
- https://git.kernel.org/stable/c/3174fc703d081d2ca538b22fba734e3ad5b52322
- https://git.kernel.org/stable/c/3e7f14cd5a51533404e1ae4809caab46073fb5c7
- https://git.kernel.org/stable/c/a7494479757d60d2413bfaa087f8431a26eea032
- https://git.kernel.org/stable/c/b6a54f5e9ce9b97ae641855378d71c5154a085c0
- https://git.kernel.org/stable/c/c244b79adffad89a5173cf8bfaa06a6b40bbd09b
- https://git.kernel.org/stable/c/ebf71dd4aff46e8e421d455db3e231ba43d2fa8a
- https://git.kernel.org/stable/c/fb407343c0c16e94584707b2dfdd350a5f81b000