Improper input validation in Linux kernel - CVE-2026-53304
Published: June 29, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local privileged user to cause a denial of service.
The vulnerability exists due to improper input validation in the sg driver def_reserved_size module parameter handling when opening /dev/sgX after assigning an invalid value to the parameter. A local privileged user can write a negative or oversized value to the def_reserved_size sysfs parameter and then open a sg device node to cause a denial of service.
How to mitigate CVE-2026-53304
Sources
- https://git.kernel.org/stable/c/1afd963fcd963db0dc5d47df6dfcf010c9c4647e
- https://git.kernel.org/stable/c/3d74e0654ac908c65a8f20373091826fe43b1363
- https://git.kernel.org/stable/c/9676ca7b1ef31a3a65b3e61e7ce3b54ce7364202
- https://git.kernel.org/stable/c/c47ccfb3d80dfed522ca06a5954ac97488d78c5a
- https://git.kernel.org/stable/c/c5f4a211e82d04ccc1809311322c47023bbe66e2
- https://git.kernel.org/stable/c/d06a310b45e153872033dd0cf19d5a2279121099
- https://git.kernel.org/stable/c/fe671d3c84ffb1b763d590c25195755adeaadaba
- https://git.kernel.org/stable/c/feade299e932967de27519338d41de348fb5b061