{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53055", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.381Z", "datePublished": "2026-06-24T16:30:00.876Z", "dateUpdated": "2026-06-28T06:38:47.302Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-28T06:38:47.302Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/sec2 - prevent req used-after-free for sec\n\nDuring packet transmission, if the system is under heavy load,\nthe hardware might complete processing the packet and free the\nrequest memory (req) before the transmission function finishes.\nIf the software subsequently accesses this req, a use-after-free\nerror will occur. The qp_ctx memory exists throughout the packet\nsending process, so replace the req with the qp_ctx."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/hisilicon/sec2/sec_crypto.c"], "versions": [{"version": "f0ae287c50455f7be0d8dd45a803d403c7aa4d2e", "lessThan": "b375c3c7209cc59e40e97998aa9bc768369cca0e", "status": "affected", "versionType": "git"}, {"version": "f0ae287c50455f7be0d8dd45a803d403c7aa4d2e", "lessThan": "ad73563f3a1edbfddf2724136c6a15826b354e18", "status": "affected", "versionType": "git"}, {"version": "f0ae287c50455f7be0d8dd45a803d403c7aa4d2e", "lessThan": "67b53a660e6bf0da2fa8d8872e897a14d8059eaf", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/hisilicon/sec2/sec_crypto.c"], "versions": [{"version": "6.17", "status": "affected"}, {"version": "0", "lessThan": "6.17", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b375c3c7209cc59e40e97998aa9bc768369cca0e"}, {"url": "https://git.kernel.org/stable/c/ad73563f3a1edbfddf2724136c6a15826b354e18"}, {"url": "https://git.kernel.org/stable/c/67b53a660e6bf0da2fa8d8872e897a14d8059eaf"}], "title": "crypto: hisilicon/sec2 - prevent req used-after-free for sec", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: crypto: hisilicon/sec2 - prevent req used-after-free for sec", "id": "2492312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492312"}, "csaw": false, "cwe": "CWE-825", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: hisilicon/sec2 - prevent req used-after-free for sec\nDuring packet transmission, if the system is under heavy load,\nthe hardware might complete processing the packet and free the\nrequest memory (req) before the transmission function finishes.\nIf the software subsequently accesses this req, a use-after-free\nerror will occur. The qp_ctx memory exists throughout the packet\nsending process, so replace the req with the qp_ctx.", "A flaw was found in the Linux kernel's `hisilicon/sec2` cryptographic module. Under heavy system load during packet transmission, the hardware may free request memory before the software completes its processing. This can lead to a use-after-free error when the software attempts to access the freed memory, potentially resulting in system instability or a denial of service."], "name": "CVE-2026-53055", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53055\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53055\nhttps://lore.kernel.org/linux-cve-announce/2026062400-CVE-2026-53055-6f65@gregkh/T"]}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f0ae287c50455f7be0d8dd45a803d403c7aa4d2e,b375c3c7209cc59e40e97998aa9bc768369cca0e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f0ae287c50455f7be0d8dd45a803d403c7aa4d2e,ad73563f3a1edbfddf2724136c6a15826b354e18)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[f0ae287c50455f7be0d8dd45a803d403c7aa4d2e,67b53a660e6bf0da2fa8d8872e897a14d8059eaf)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.17"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,6.17)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.33,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.10,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-24T19:30:08.642499+00:00", "updated": "2026-06-28T14:45:17.265844+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}