目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2026-53292— Linux kernel 安全漏洞

AI Predicted 7.8 Difficulty: Easy EPSS 0.15% · P5

Affected Version Matrix 6

ベンダープロダクトVersion Rangeステータス
LinuxLinuxba113a94b7503ee23ffe819e7045134b0c1d31de< 6db58ee730bf434d1afca91b91826e26688856edaffected
ba113a94b7503ee23ffe819e7045134b0c1d31de< 5b0c911bcdbd982f7748d11c0b39ec5808eae2deaffected
2.6.28affected
< 2.6.28unaffected
7.0.10≤ 7.0.*unaffected
7.1≤ *unaffected
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2026-53292の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind syzbot reported a kernel BUG triggered from pn_socket_sendmsg() via pn_socket_autobind(): kernel BUG at net/phonet/socket.c:213! RIP: 0010:pn_socket_autobind net/phonet/socket.c:213 [inline] RIP: 0010:pn_socket_sendmsg+0x240/0x250 net/phonet/socket.c:421 Call Trace: sock_sendmsg_nosec+0x112/0x150 net/socket.c:797 __sock_sendmsg net/socket.c:812 [inline] __sys_sendto+0x402/0x590 net/socket.c:2280 ... pn_socket_autobind() calls pn_socket_bind() with port 0 and, on -EINVAL, assumes the socket was already bound and asserts that the port is non-zero: err = pn_socket_bind(sock, ..., sizeof(struct sockaddr_pn)); if (err != -EINVAL) return err; BUG_ON(!pn_port(pn_sk(sock->sk)->sobject)); return 0; /* socket was already bound */ However pn_socket_bind() also returns -EINVAL when sk->sk_state is not TCP_CLOSE, even when the socket has never been bound and pn_port() is still 0. In that case the BUG_ON() fires and panics the kernel from a user-triggerable path. Treat the "bind returned -EINVAL but pn_port() is still 0" case as a regular error and propagate -EINVAL to the caller instead of crashing. Existing callers already translate a non-zero return from pn_socket_autobind() into -ENOBUFS/-EAGAIN, so returning -EINVAL here only changes behaviour from panic to a normal errno.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会开源的操作系统Linux所使用的内核。 Linux kernel 2.6.28版本存在安全漏洞,该漏洞源于在pn_socket_autobind()函数中,当绑定失败时错误使用BUG_ON()进行断言,可能导致内核崩溃。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
LinuxLinux ba113a94b7503ee23ffe819e7045134b0c1d31de ~ 6db58ee730bf434d1afca91b91826e26688856ed -
LinuxLinux 2.6.28 -

II. CVE-2026-53292の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2026-53292のインテリジェンス情報

登录查看更多情报信息。

CVE-2026-53292 补丁与修复 (2)

Same Patch Batch · Linux · 2026-06-26 · 47 CVEs total

CVE-2026-533099.8 CRITICALocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison
CVE-2026-533228.8 HIGHvfio/pci: Clean up DMABUFs before disabling function
CVE-2026-532818.8 HIGHiommu/vt-d: Avoid NULL pointer dereference or refcount corruption
CVE-2026-533007.8 HIGHnet: enetc: fix NTMP DMA use-after-free issue
CVE-2026-532907.8 HIGHdrm/xe/eustall: Fix drm_dev_put called before stream disable in close
CVE-2026-532847.5 HIGHbtrfs: only release the dirty pages io tree after successful writes
CVE-2026-53278arm_mpam: Check whether the config array is allocated before destroying it
CVE-2026-53289ice: fix NULL pointer dereference in ice_reset_all_vfs()
CVE-2026-53283iommu/amd: Bounds-check devid in __rlookup_amd_iommu()
CVE-2026-53280iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done()
CVE-2026-53282x86/kexec: Push kjump return address even for non-kjump kexec
CVE-2026-53279drm/gma500/oaktrail_lvds: fix hang on init failure
CVE-2026-53291ALSA: hda/conexant: Fix missing error check for jack detection
CVE-2026-53293drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG
CVE-2026-53294mailbox: mailbox-test: don't free the reused channel
CVE-2026-53295mailbox: add sanity check for channel array
CVE-2026-53296mailbox: mailbox-test: free channels on probe error
CVE-2026-53297net: mana: Guard mana_remove against double invocation
CVE-2026-53298net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue()
CVE-2026-53299net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx()

Showing 20 of 47 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2026-53292へのコメント

まだコメントはありません


コメントを残す