Integer overflow in Linux kernel - CVE-2026-52948
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an integer overflow in the I2C_TIMEOUT ioctl handler of the i2c-dev driver when it processes a user-supplied timeout value. A local user who can open an i2c-dev device node (/dev/i2c-*) can pass a large timeout value that overflows during conversion, causing a denial of service.
The overflowed timeout can corrupt the SMBus controller's state machine and leave it in an unrecoverable state, so the condition persists beyond the calling process.
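The following is an added example, not code from the kernel or from this advisory. It models the arithmetic class behind an I2C_TIMEOUT-style overflow in user space and shows the bound check that closes it. It assumes (not stated on the page) that the ioctl argument is a timeout in units of 10 ms, that the handler scales it by 10 to get milliseconds, and that the product reaches a 32-bit consumer; the exact kernel expression and the driver-side consequences are not reproduced here. The sample values are constructed.

```c
/*
 * Added example, not kernel code: models the arithmetic behind an
 * I2C_TIMEOUT-style integer overflow and the guard that prevents it.
 * Assumptions not stated on the page: the user value is in units of 10 ms,
 * the handler scales it by 10, and the product reaches a 32-bit consumer.
 */
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <unistd.h>

#ifndef I2C_TIMEOUT
#define I2C_TIMEOUT 0x0702 /* value from <linux/i2c-dev.h>; defined so this builds without it */
#endif

#define TIMEOUT_UNIT_MS 10UL

/*
 * Vulnerable pattern: scale the user value and hand it to a 32-bit consumer.
 * Whether the multiply itself wraps (32-bit unsigned long) or only the
 * narrowing does (64-bit), the result is arg * 10 modulo 2^32, so a value
 * just above UINT32_MAX / 10 becomes a timeout of a few milliseconds.
 */
uint32_t timeout_ms_unchecked(unsigned long arg)
{
    unsigned long ms = arg * TIMEOUT_UNIT_MS;
    return (uint32_t)ms;
}

/*
 * Hardened pattern: bound the input before scaling, against the width of
 * the value that actually consumes it. Returns milliseconds or -EINVAL.
 */
int64_t timeout_ms_checked(unsigned long arg)
{
    if (arg > UINT32_MAX / TIMEOUT_UNIT_MS)
        return -EINVAL;
    return (int64_t)(arg * TIMEOUT_UNIT_MS);
}

/*
 * Without arguments: print the arithmetic for constructed sample values.
 * With "<device> <value>": validate first, then issue the real ioctl on an
 * i2c-dev node (requires permission on that node).
 */
int main(int argc, char **argv)
{
    /* Constructed inputs: a sane value, the largest safe value, the first wrapping one. */
    const unsigned long samples[] = {
        100UL, UINT32_MAX / TIMEOUT_UNIT_MS, UINT32_MAX / TIMEOUT_UNIT_MS + 1
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned long a = samples[i];
        int64_t checked = timeout_ms_checked(a);
        printf("arg=%lu unchecked=%" PRIu32 " ms checked=", a, timeout_ms_unchecked(a));
        if (checked < 0)
            printf("rejected (-EINVAL)\n");
        else
            printf("%" PRId64 " ms\n", checked);
    }

    if (argc == 3) {
        unsigned long arg = strtoul(argv[2], NULL, 0);
        if (timeout_ms_checked(arg) < 0) {
            fprintf(stderr, "refusing %lu: would overflow the timeout conversion\n", arg);
            return 1;
        }
        int fd = open(argv[1], O_RDWR);
        if (fd < 0) { perror("open"); return 1; }
        if (ioctl(fd, I2C_TIMEOUT, arg) < 0) {
            perror("ioctl(I2C_TIMEOUT)");
            close(fd);
            return 1;
        }
        close(fd);
    }
    return 0;
}
```

The guard compares the raw argument against UINT32_MAX / 10 rather than checking the product, because the product is exactly the value that wraps; checking after multiplication is too late. The same shape applies wherever an ioctl argument is scaled before reaching a narrower field.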
How to mitigate CVE-2026-52948
Update to a kernel release that includes the fix commits listed under Sources (one per affected stable branch). Until the update is applied, limit exposure by restricting access to the /dev/i2c-* device nodes, which are typically root-only by default, and by not loading the i2c-dev module on systems that do not need user-space I2C access.
Sources
- https://git.kernel.org/stable/c/0b88ecfbc9dc33b4db8836c37b50cf174e6c0691
- https://git.kernel.org/stable/c/4576621dc6577f21a032acfd16c3ad61907a5ea7
- https://git.kernel.org/stable/c/617eb7c0961a8dfcfc811844a6396e406b2923ea
- https://git.kernel.org/stable/c/943e318eedbeaeea08ece3f5dd44c982f4ed2ef5
- https://git.kernel.org/stable/c/aa6ef734016912653a909477fb30aeb66c98b3a2
- https://git.kernel.org/stable/c/e9ffd5f5050fbb199d270a85614cd27ebed6fbac
- https://git.kernel.org/stable/c/ff02add34ffd03449b8115904ebe2ec4fed022d4
- https://git.kernel.org/stable/c/ffbcf31f032eb454ebfd29309f51366fe57f4ac4