Description
In the Linux kernel, the following vulnerability has been resolved:

net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx()

If queue entry list allocation fails in airoha_qdma_init_tx_queue routine,
airoha_qdma_cleanup_tx_queue() will trigger a NULL pointer dereference
accessing the queue entry array. The issue is due to the early ndesc
initialization in airoha_qdma_init_tx_queue(). Fix the issue moving ndesc
initialization at end of airoha_qdma_init_tx routine.
Published: 2026-06-26
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In the Linux kernel's Airoha network driver, an early initialization of the ndesc variable causes a NULL pointer dereference when the queue entry list allocation fails. The defect manifests during the airoha_qdma_init_tx_queue() routine, leading to a crash of the kernel. The impact is a loss of availability, potentially allowing an attacker to destabilize the system if they can trigger the function with failing allocation conditions.

Affected Systems

The affected product is the Linux kernel, specifically the Airoha network driver. No specific kernel versions are listed in the information provided, so all kernel builds compiled with the unpatched driver are potentially vulnerable.

Risk and Exploitability

The CVSS score is not provided, and EPSS is unavailable, making formal risk assessment difficult. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local or remote network traffic that forces the driver to allocate a queue entry list that fails, but the exact exploitation path is not described. The primary consequence is a kernel panic or crash, classifying the risk as a moderate to high denial‑of‑service scenario. Proper mitigation is required to avoid potential service disruption.

Generated by OpenCVE AI on June 26, 2026 at 22:15 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and install the latest Linux kernel release that contains the patch for the Airoha driver
  • If an upgrade is not possible, disable or replace the Airoha networking hardware to stop the vulnerable driver from loading
  • Monitor system logs for "NULL pointer dereference" or panic messages and apply an emergency patch or kernel update as soon as it becomes available

Generated by OpenCVE AI on June 26, 2026 at 22:15 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx() If queue entry list allocation fails in airoha_qdma_init_tx_queue routine, airoha_qdma_cleanup_tx_queue() will trigger a NULL pointer dereference accessing the queue entry array. The issue is due to the early ndesc initialization in airoha_qdma_init_tx_queue(). Fix the issue moving ndesc initialization at end of airoha_qdma_init_tx routine.
Title net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:40:56.524Z

Reserved: 2026-06-09T07:44:35.397Z

Link: CVE-2026-53299

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T22:30:04Z

Weaknesses