Description
In the Linux kernel, the following vulnerability has been resolved:

soc/tegra: cbb: Fix incorrect ARRAY_SIZE in fabric lookup tables

Fix incorrect ARRAY_SIZE usage in fabric lookup tables which could
cause out-of-bounds access during target timeout lookup.
Published: 2026-06-24
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel’s Tegra CBB fabric component contains an error in the calculation of array boundaries during a target timeout lookup, using an incorrect ARRAY_SIZE macro. This flaw permits the code path to read or write past the end of a fabric lookup table, resulting in kernel memory corruption that can cause crashes or denial of service. Based on the description, it is inferred that an attacker could potentially subvert kernel integrity by exploiting the out‑of‑bounds access.

Affected Systems

The vulnerability affects the Linux kernel on Tegra platforms that include the CBB fabric module and have not yet incorporated the upstream fix (commit 5c009a5f8bb3c81f2cfb511701ce571e3c8733cd). No specific kernel release range is documented, so any install running legacy Tegra kernels should verify that the patch has been applied or that the offending module is not loaded.

Risk and Exploitability

The CVSS score of 7.1 indicates moderate to high severity, while an EPSS score of less than 1% shows a very low current likelihood of exploitation. The vulnerability requires local access to reach the improperly calculated array indices, making remote exploitation unlikely. The CVE is not listed in the CISA KEV catalog, but the kernel memory corruption potential warrants prompt remediation.

Generated by OpenCVE AI on June 28, 2026 at 14:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the upstream patch for Tegra CBB fabric (commit 5c009a5f8bb3c81f2cfb511701ce571e3c8733cd).
  • If an immediate kernel update is not possible, disable the CBB fabric target‑timeout feature through kernel configuration or runtime settings to prevent the out‑of‑bounds path from being exercised.
  • If neither an update nor a configuration change is feasible, apply the corrective patch from the commit that fixes the ARRAY_SIZE issue to the kernel source, rebuild the affected module, and load it into the running kernel.

Generated by OpenCVE AI on June 28, 2026 at 14:33 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 28 Jun 2026 08:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H'}


Fri, 26 Jun 2026 04:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
CWE-122

Fri, 26 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-131
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Moderate


Wed, 24 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
CWE-122

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix incorrect ARRAY_SIZE in fabric lookup tables Fix incorrect ARRAY_SIZE usage in fabric lookup tables which could cause out-of-bounds access during target timeout lookup.
Title soc/tegra: cbb: Fix incorrect ARRAY_SIZE in fabric lookup tables
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-28T06:38:26.223Z

Reserved: 2026-06-09T07:44:35.381Z

Link: CVE-2026-53044

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53044 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-28T14:45:17Z

Weaknesses
  • CWE-131

    Incorrect Calculation of Buffer Size