CVE-2026-53310
Received Received - Intake
Cross-Fabric Target Timeout Lookup Flaw in Linux Kernel

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix cross-fabric target timeout lookup When a fabric receives an error interrupt, the error may have occurred on a different fabric. The target timeout lookup was using the wrong base address (cbb->regs) with offsets from a different fabric's target map, causing a kernel page fault. Unable to handle kernel paging request at virtual address ffff80000954cc00 pc : tegra234_cbb_get_tmo_slv+0xc/0x28 Call trace: tegra234_cbb_get_tmo_slv+0xc/0x28 print_err_notifier+0x6c0/0x7d0 tegra234_cbb_isr+0xe4/0x1b4 Add tegra234_cbb_get_fabric() to look up the correct fabric device using fab_id, and use its base address for accessing target timeout registers.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-27
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-53310
EUVD
EUVD-2026-39845
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can cause the Linux kernel to crash due to a page fault when handling error interrupts across different fabrics. Such crashes can lead to system instability, unexpected reboots, or denial of service conditions on affected systems.

Executive Summary

This vulnerability exists in the Linux kernel's soc/tegra component related to the cbb (Crossbar Bridge). When an error interrupt is received by a fabric, the error might have originated from a different fabric. However, the target timeout lookup was incorrectly using the base address of one fabric combined with offsets from another fabric's target map. This mismatch caused the kernel to attempt to access an invalid memory address, resulting in a kernel page fault.

The issue was fixed by adding a function to correctly identify the fabric device using its fabric ID and then using the correct base address for accessing the target timeout registers, preventing the kernel page fault.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53310. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart