CVE-2026-53206
Analyzed
Analyzed - Analysis Complete
Bounds Check Bypass in Linux Kernel IVPU Driver
Vulnerability report for CVE-2026-53206, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-25
Last updated on: 2026-07-02
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
accel/ivpu: Add bounds check for firmware runtime memory
Validate that the firmware runtime memory specified in the image
header is properly aligned and sized to hold the firmware image.
This prevents errors during memory allocation and image transfer.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 7.1 |
| linux | linux_kernel | 7.1 |
| linux | linux_kernel | 7.1 |
| linux | linux_kernel | 7.1 |
| linux | linux_kernel | From 6.19 (inc) to 7.0.13 (exc) |
| linux | linux_kernel | 7.1 |
| linux | linux_kernel | 7.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |