CVE-2026-53309
Received - Intake
Buffer Overflow in Linux Kernel OCFS2 DLM

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison

The local-vs-remote region comparison loop uses '<=' instead of '<', causing it to read one entry past the valid range of qr_regions. The other loops in the same function correctly use '<'. Fix the loop condition to use '<' for consistency and correctness.
Meta Information
Published: 2026-06-26
Last Modified: 2026-06-26
Generated: 2026-06-27
AI Q&A: 2026-06-26
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
linux | linux_kernel | *
CWE ID: CWE-UNKNOWN
Executive Summary

This vulnerability is an off-by-one error in the Linux kernel's ocfs2/dlm component, specifically in the dlm_match_regions() function. The issue arises because the local-versus-remote region comparison loop uses a less-than-or-equal-to ('<=') condition instead of a less-than ('<') condition. This causes the loop to read one entry beyond the valid range of qr_regions, potentially leading to incorrect behavior or memory access errors. The fix involves correcting the loop condition to use '<' for proper bounds checking.

Impact Analysis

The off-by-one error in the region comparison loop can cause the function to read memory beyond the intended range. This may lead to unexpected behavior such as data corruption, crashes, or other stability issues within the Linux kernel's ocfs2/dlm subsystem. Since this is a local kernel vulnerability, it could potentially be exploited by a local user or process to cause denial of service or other unintended effects.
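A user-space model of the '<=' versus '<' loop bound from the Description, added here as an illustration; it is not the kernel's code. The struct layout, NAME_LEN, MAX_REGIONS and all function and sample names are assumptions of this example; only the qr_regions name and the two loop conditions come from the advisory.

```c
#include <string.h>

/* Hypothetical sizes and layout for this model; not taken from the kernel source. */
#define NAME_LEN 8
#define MAX_REGIONS 4

struct query_regions {
    unsigned char numregions;             /* number of valid entries */
    char regions[MAX_REGIONS * NAME_LEN]; /* packed fixed-width names (models qr_regions) */
};

/*
 * Returns 1 if every local region name is found among the remote entries.
 * inclusive_bound = 1 models the flawed '<=' condition, 0 the corrected '<'.
 * *max_index reports the highest remote slot the loop inspected.
 */
static int locals_all_found(const struct query_regions *qr, const char *local,
                            int localnr, int inclusive_bound, int *max_index)
{
    int limit = qr->numregions + (inclusive_bound ? 1 : 0);
    *max_index = -1;
    if (limit > MAX_REGIONS) /* keep the model itself inside the array */
        limit = MAX_REGIONS;
    for (int i = 0; i < localnr; i++) {
        int found = 0;
        for (int j = 0; j < limit; j++) {
            if (j > *max_index)
                *max_index = j;
            if (!memcmp(local + i * NAME_LEN, qr->regions + j * NAME_LEN, NAME_LEN)) {
                found = 1;
                break;
            }
        }
        if (!found)
            return 0; /* a local region is missing from the remote list */
    }
    return 1;
}

/* Constructed input: one valid remote region; slot 1 holds leftover bytes. */
static struct query_regions sample_remote(void)
{
    struct query_regions qr;
    memset(&qr, 0, sizeof(qr));
    qr.numregions = 1;
    memcpy(qr.regions, "REGION_A", NAME_LEN);
    memcpy(qr.regions + NAME_LEN, "REGION_C", NAME_LEN); /* past the valid range */
    return qr;
}

/* Constructed local list: REGION_A followed by REGION_C. */
static const char sample_local[2 * NAME_LEN + 1] = "REGION_AREGION_C";
```

In this model the inclusive bound inspects slot 1 and reports a match on bytes that are outside the valid range, while the corrected bound stops at slot 0 and reports the mismatch.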
