CVE-2026-53203 - Vulnerability Details

- accel/ivpu: Add buffer overflow check in MS get_info_ioctl

Description

In the Linux kernel, the following vulnerability has been resolved:

accel/ivpu: Add buffer overflow check in MS get_info_ioctl

Add validation that the info size returned from the metric stream info
query is not exceeded when checked against the allocated buffer size.
If the firmware returns a size larger than the buffer, reject the
operation with -EOVERFLOW instead of proceeding with an incorrect
buffer copy.

Published: 2026-06-25

Score: 7.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`cdfad4db7756563db7d458216d9e3c2651dddc7d`	affected	< d3c12ed33e8923f3090909a1738f3e59292996a6
`cdfad4db7756563db7d458216d9e3c2651dddc7d`	affected	< fa598556ecef412edcb391f144b7642e18fdfd45
`cdfad4db7756563db7d458216d9e3c2651dddc7d`	affected	< 4e5047cc94bea1cc7b670b7f503358e9af0542df
`cdfad4db7756563db7d458216d9e3c2651dddc7d`	affected	< fb176425837693f50c5c9fc8db6fbb04af22bd0a

Linux

affected

Version	Status	Constraints
`6.11`	affected	—
`0`	unaffected	< 6.11
`6.12.94`	unaffected	≤ 6.12.*
`6.18.36`	unaffected	≤ 6.18.*
`7.0.13`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[cdfad4db7756563db7d458216d9e3c2651dddc7d,d3c12ed33e8923f3090909a1738f3e59292996a6)`	affected	code_commit	—
`[cdfad4db7756563db7d458216d9e3c2651dddc7d,fa598556ecef412edcb391f144b7642e18fdfd45)`	affected	code_commit	—
`[cdfad4db7756563db7d458216d9e3c2651dddc7d,4e5047cc94bea1cc7b670b7f503358e9af0542df)`	affected	code_commit	—
`[cdfad4db7756563db7d458216d9e3c2651dddc7d,fb176425837693f50c5c9fc8db6fbb04af22bd0a)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`6.11`	affected	generic	—
`[0,6.11)`	unaffected	generic	—
`[6.12.94,6.13.0)`	unaffected	semver	—
`[6.18.36,6.19.0)`	unaffected	semver	—
`[7.0.13,7.1.0)`	unaffected	semver	—
`[7.1,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00144.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/4e5047cc94bea1cc7b670b7f503358e9af0542df
https://git.kernel.org/stable/c/d3c12ed33e8923f3090909a1738f3e59292996a6
https://git.kernel.org/stable/c/fa598556ecef412edcb391f144b7642e18fdfd45
https://git.kernel.org/stable/c/fb176425837693f50c5c9fc8db6fbb04af22bd0a
https://lore.kernel.org/linux-cve-announce/2026062501-CVE-2026-53203-2c14@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-53203
https://www.cve.org/CVERecord?id=CVE-2026-53203

History

Sun, 28 Jun 2026 13:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-119

Sun, 28 Jun 2026 08:00:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}`	cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H'}`

Fri, 26 Jun 2026 12:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120
References		https://lore.kernel.org/linux-cve-announce/2026062501-CVE-2026-53203-2c14@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-53203 https://www.cve.org/CVERecord?id=CVE-2026-53203
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Thu, 25 Jun 2026 12:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-119

Thu, 25 Jun 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS get_info_ioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size larger than the buffer, reject the operation with -EOVERFLOW instead of proceeding with an incorrect buffer copy.
Title		accel/ivpu: Add buffer overflow check in MS get_info_ioctl
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4e5047cc94bea1cc7b670b7f503358e9af0542df https://git.kernel.org/stable/c/d3c12ed33e8923f3090909a1738f3e59292996a6 https://git.kernel.org/stable/c/fa598556ecef412edcb391f144b7642e18fdfd45 https://git.kernel.org/stable/c/fb176425837693f50c5c9fc8db6fbb04af22bd0a

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-25T08:39:10.950Z

Updated: 2026-06-28T06:40:22.911Z

Reserved: 2026-06-09T07:44:35.391Z

Link: CVE-2026-53203

Vulnrichment

No data.

NVD

No data.

Redhat

Severity : Important

Publid Date: 2026-06-25T00:00:00Z

Links: CVE-2026-53203 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-28T15:15:05Z

Weaknesses

CWE-120

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object