{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53156", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.388Z", "datePublished": "2026-06-25T08:38:39.495Z", "dateUpdated": "2026-06-25T08:38:39.495Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-25T08:38:39.495Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmem: core: fix use-after-free bugs in error paths\n\nFix several instances of error paths in which we call\n__nvmem_device_put() - which may end up freeing the underlying memory\nand other resources - and then keep on using the nvmem structure. Always\nput the reference to the nvmem device as the last step before returning\nthe error code."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/nvmem/core.c"], "versions": [{"version": "e888d445ac33a5b0288d670ecd970908b13f07cd", "lessThan": "e0d38bf47a72da2f02c9fa6f752cd66d977cd7f7", "status": "affected", "versionType": "git"}, {"version": "e888d445ac33a5b0288d670ecd970908b13f07cd", "lessThan": "cb85ef5a227b3662b88f4d849a1aad43bfe7f5ae", "status": "affected", "versionType": "git"}, {"version": "e888d445ac33a5b0288d670ecd970908b13f07cd", "lessThan": "40e2a459c0dd1333b2343831480a0ad80dc07614", "status": "affected", "versionType": "git"}, {"version": "e888d445ac33a5b0288d670ecd970908b13f07cd", "lessThan": "5b6b6fc491899d583eaa75344e094796ae9b530b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/nvmem/core.c"], "versions": [{"version": "4.20", "status": "affected"}, {"version": "0", "lessThan": "4.20", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.94", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.36", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.13", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.12.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "6.18.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "7.0.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e0d38bf47a72da2f02c9fa6f752cd66d977cd7f7"}, {"url": "https://git.kernel.org/stable/c/cb85ef5a227b3662b88f4d849a1aad43bfe7f5ae"}, {"url": "https://git.kernel.org/stable/c/40e2a459c0dd1333b2343831480a0ad80dc07614"}, {"url": "https://git.kernel.org/stable/c/5b6b6fc491899d583eaa75344e094796ae9b530b"}], "title": "nvmem: core: fix use-after-free bugs in error paths", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: nvmem: core: fix use-after-free bugs in error paths", "id": "2492738", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492738"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-825", "details": ["A flaw was found in the Linux kernel's nvmem core. This vulnerability, a use-after-free, occurs in error handling paths where memory associated with an nvmem device is prematurely released while the system continues to access the freed memory. This can lead to memory corruption, potentially allowing an attacker to cause a denial of service or execute arbitrary code."], "name": "CVE-2026-53156", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53156\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53156\nhttps://lore.kernel.org/linux-cve-announce/2026062548-CVE-2026-53156-dc6d@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[e888d445ac33a5b0288d670ecd970908b13f07cd,e0d38bf47a72da2f02c9fa6f752cd66d977cd7f7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[e888d445ac33a5b0288d670ecd970908b13f07cd,cb85ef5a227b3662b88f4d849a1aad43bfe7f5ae)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[e888d445ac33a5b0288d670ecd970908b13f07cd,40e2a459c0dd1333b2343831480a0ad80dc07614)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[e888d445ac33a5b0288d670ecd970908b13f07cd,5b6b6fc491899d583eaa75344e094796ae9b530b)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.20"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,4.20)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.94,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.36,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.13,7.1.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-25T12:15:03.848953+00:00", "updated": "2026-06-26T05:45:04.994531+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}