Description
In the Linux kernel, the following vulnerability has been resolved:

net: psp: require admin permission for dev-set and key-rotate

The dev-set and key-rotate netlink operations modify shared device
state (PSP version configuration and cryptographic key material,
respectively) but do not require CAP_NET_ADMIN. The only access
control is psp_dev_check_access() which merely verifies netns
membership.
Published: 2026-06-24
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability allows modification of PSP device configuration and cryptographic keys through the dev-set and key-rotate netlink operations without requiring CAP_NET_ADMIN. Because the only check performed is that the caller shares the same network namespace, any local process within that namespace can alter device state and key material, potentially exposing sensitive information or disrupting network operations. This lack of proper privilege checks constitutes a local privilege escalation opportunity.

Affected Systems

All Linux kernel versions that ship the PSP netlink implementation. The vulnerability affects the Linux kernel as a whole; specific upstream kernel versions are not listed in the advisory.

Risk and Exploitability

The CVSS score is not provided and EPSS is unavailable, but the vulnerability is not flagged in the CISA KEV catalog. It is exploitable locally by any process with access to the same network namespace, which is a common scenario for privileged daemons and containerized workloads. The absence of a required admin capability makes the exploitation straightforward for a local attacker, resulting in a high per‑process impact but limited to the affected namespace. The overall risk to a system depends on how many critical services share the namespace.

Generated by OpenCVE AI on June 24, 2026 at 18:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel patch that implements CAP_NET_ADMIN checks for dev-set and key-rotate commands
  • If immediate patching is not possible, isolate sensitive services in separate network namespaces to prevent unauthorized access to PSP configuration
  • Configure SELinux or AppArmor to restrict untrusted processes from sending the dev-set and key-rotate netlink messages

Generated by OpenCVE AI on June 24, 2026 at 18:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state (PSP version configuration and cryptographic key material, respectively) but do not require CAP_NET_ADMIN. The only access control is psp_dev_check_access() which merely verifies netns membership.
Title net: psp: require admin permission for dev-set and key-rotate
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:28:54.809Z

Reserved: 2026-06-09T07:44:35.376Z

Link: CVE-2026-52978

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T19:00:06Z

Weaknesses