CVE-2026-53117 - Vulnerability Details

- s390/cio: use generic driver_override infrastructure

Description

In the Linux kernel, the following vulnerability has been resolved:

s390/cio: use generic driver_override infrastructure

When a driver is probed through __driver_attach(), the bus' match()
callback is called without the device lock held, thus accessing the
driver_override field without a lock, which can cause a UAF.

Fix this by using the driver-core driver_override infrastructure taking
care of proper locking internally.

Note that calling match() from __driver_attach() without the device lock
held is intentional. [1]

Published: 2026-06-24

Score: n/a

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`ebc3d179150347f3b6d97d8f249378bb2218f95e`	affected	< c4295487124f461405e1ef64dfa8c4ab0cb7ebcf
`ebc3d179150347f3b6d97d8f249378bb2218f95e`	affected	< 106d594711e97762788046c5bbb94f580abc4bf4
`ebc3d179150347f3b6d97d8f249378bb2218f95e`	affected	< 2081957d8c323ffb58a10bc64837717ac5a042a1
`ebc3d179150347f3b6d97d8f249378bb2218f95e`	affected	< b660ba045b2b22cf3b4be72773de00cb48f47be5
`ebc3d179150347f3b6d97d8f249378bb2218f95e`	affected	< ac4d8bb6e2e13e8684a76ea48d13ebaaaf5c24c4

Linux

affected

Version	Status	Constraints
`5.3`	affected	—
`0`	unaffected	< 5.3
`6.6.141`	unaffected	≤ 6.6.*
`6.12.91`	unaffected	≤ 6.12.*
`6.18.33`	unaffected	≤ 6.18.*
`7.0.10`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/106d594711e97762788046c5bbb94f580abc4bf4
https://git.kernel.org/stable/c/2081957d8c323ffb58a10bc64837717ac5a042a1
https://git.kernel.org/stable/c/ac4d8bb6e2e13e8684a76ea48d13ebaaaf5c24c4
https://git.kernel.org/stable/c/b660ba045b2b22cf3b4be72773de00cb48f47be5
https://git.kernel.org/stable/c/c4295487124f461405e1ef64dfa8c4ab0cb7ebcf

History

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: s390/cio: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' match() callback is called without the device lock held, thus accessing the driver_override field without a lock, which can cause a UAF. Fix this by using the driver-core driver_override infrastructure taking care of proper locking internally. Note that calling match() from __driver_attach() without the device lock held is intentional. [1]
Title		s390/cio: use generic driver_override infrastructure
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/106d594711e97762788046c5bbb94f580abc4bf4 https://git.kernel.org/stable/c/2081957d8c323ffb58a10bc64837717ac5a042a1 https://git.kernel.org/stable/c/ac4d8bb6e2e13e8684a76ea48d13ebaaaf5c24c4 https://git.kernel.org/stable/c/b660ba045b2b22cf3b4be72773de00cb48f47be5 https://git.kernel.org/stable/c/c4295487124f461405e1ef64dfa8c4ab0cb7ebcf

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:30:48.645Z

Updated: 2026-06-24T16:30:48.645Z

Reserved: 2026-06-09T07:44:35.385Z

Link: CVE-2026-53117

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object