CVE-2026-53052
Received Received - Intake
BaseFortify

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing witout check could lead to incorrect memory access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-06-25
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-53052
EUVD
EUVD-2026-38920
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's ASoC qcom qdsp6 topology component. It occurs because the code does not check the widget type before accessing its private data. Some widgets may be virtual and not associated with a DSP graph, container, or module. Accessing private data without verifying the widget type can lead to incorrect memory access.

Impact Analysis

The vulnerability can lead to incorrect memory access in the Linux kernel. This may cause system instability, crashes, or potentially allow an attacker to exploit the improper memory access to affect system behavior.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53052. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart