NULL pointer dereference in Linux kernel - CVE-2026-53152
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a NULL-pointer dereference in the dw_mmc-rockchip driver when initializing very old Rockchip MMC controllers. A local user can trigger initialization of an affected controller to cause a denial of service.
The issue affects rk2928, rk3066, and rk3188 controllers that do not support UHS speeds and therefore lacked driver private data for phase handling.