{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53205", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.391Z", "datePublished": "2026-06-25T08:39:12.268Z", "dateUpdated": "2026-06-28T06:40:24.322Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-28T06:40:24.322Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Add bounds checks for firmware log indices\n\nAdd validation that read and write indices in the firmware log buffer\nare within valid bounds (< data_size) before using them. If\nout-of-bounds indices are encountered (from firmware), clamp them to\nsafe values instead of proceeding with invalid offsets.\n\nThis prevents potential out-of-bounds buffer access when firmware\nsupplies invalid log indices."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "baseScore": 7.1, "baseSeverity": "HIGH"}}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_fw_log.c"], "versions": [{"version": "0923a7d55a85179744926b7c11768a81679cc4d4", "lessThan": "5961c703414048f46818be8bbb11075a9a63fb4e", "status": "affected", "versionType": "git"}, {"version": "1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4", "lessThan": "8ec70c0dbdf04392a26e03e38798a373934177be", "status": "affected", "versionType": "git"}, {"version": "1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4", "lessThan": "535da9ad8420c3b686a642403d4147ff220255fd", "status": "affected", "versionType": "git"}, {"version": "1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4", "lessThan": "dd1311bcf0e62f0c515115f46a3813370f4a4bb1", "status": "affected", "versionType": "git"}, {"version": "6.12.30", "lessThan": "6.12.94", "status": "affected", "versionType": "semver"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/ivpu/ivpu_fw_log.c"], "versions": [{"version": "6.13", "status": "affected"}, {"version": "0", "lessThan": "6.13", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.94", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.36", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.13", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.30", "versionEndExcluding": "6.12.94"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "6.18.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "7.0.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.13", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/5961c703414048f46818be8bbb11075a9a63fb4e"}, {"url": "https://git.kernel.org/stable/c/8ec70c0dbdf04392a26e03e38798a373934177be"}, {"url": "https://git.kernel.org/stable/c/535da9ad8420c3b686a642403d4147ff220255fd"}, {"url": "https://git.kernel.org/stable/c/dd1311bcf0e62f0c515115f46a3813370f4a4bb1"}], "title": "accel/ivpu: Add bounds checks for firmware log indices", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{}

{"bugzilla": {"description": "kernel: accel/ivpu: Add bounds checks for firmware log indices", "id": "2492796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2492796"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-805", "details": ["A flaw was found in the Linux kernel's Intel Versatile Processing Unit (IVPU) accelerator driver. This vulnerability occurs due to insufficient validation of read and write indices in the firmware log buffer. If the firmware provides invalid log indices, it could lead to out-of-bounds buffer access. This issue could potentially allow an attacker to cause a denial of service or disclose sensitive information."], "name": "CVE-2026-53205", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-06-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-53205\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-53205\nhttps://lore.kernel.org/linux-cve-announce/2026062501-CVE-2026-53205-9438@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[0923a7d55a85179744926b7c11768a81679cc4d4,5961c703414048f46818be8bbb11075a9a63fb4e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4,8ec70c0dbdf04392a26e03e38798a373934177be)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4,535da9ad8420c3b686a642403d4147ff220255fd)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[1fc1251149a76d3b75d7f4c94d9c4e081b7df6b4,dd1311bcf0e62f0c515115f46a3813370f4a4bb1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.12.30,6.12.94)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.13"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.13)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.12.94,6.12.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.36,6.18.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.0.13,7.0.*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[7.1,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "created": "2026-06-25T12:00:14.024497+00:00", "updated": "2026-06-28T14:15:08.536617+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}