CVE-2026-53336
Received
Received - Intake
NVMEM ONIE-TLV Layout Driver Infinite Loop on Unknown Type
Vulnerability report for CVE-2026-53336, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-01
Last updated on: 2026-07-01
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
nvmem: layouts: onie-tlv: fix hang on unknown types
The EEPROM on my board has a vendor specific entry of type 0x41. When
stumbling upon that, this driver hangs in an endless loop.
Fix it by keep incrementing the offset on unknown entries, so the loop
will eventually stop.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |