What is CVE-2026-53046?

CVE-2026-53046 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.15 onward and patched in 5.15.209, 6.1.175, 6.6.141 and others. CVE-2026-53046 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-53046?

CVE-2026-53046 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-53046?

Yes, CVE-2026-53046 has been patched. Fixed versions include 5.15.209, 6.1.175, 6.6.141 and others. If you are running Linux kernel 5.15 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-53046 actively exploited?

CVE-2026-53046 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-53046

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbd_crypt_message() sets a NULL completion callback on AEAD requests and does not handle the -EINPROGRESS return code from async hardware crypto engines like the Qualcomm Crypto Engine (QCE). When QCE returns -EINPROGRESS, ksmbd treats it as an error and immediately frees the request while the hardware DMA operation is still in flight. The DMA completion callback then dereferences freed memory, causing a NULL pointer crash: pc : qce_skcipher_done+0x24/0x174 lr : vchan_complete+0x230/0x27c ... el1h_64_irq+0x68/0x6c ksmbd_free_work_struct+0x20/0x118 [ksmbd] ksmbd_exit_file_cache+0x694/0xa4c [ksmbd] Use the standard crypto_wait_req() pattern with crypto_req_done() as the completion callback, matching the approach used by the SMB client in fs/smb/client/smb2ops.c. This properly handles both synchronous engines (immediate return) and async engines (-EINPROGRESS followed by callback notification).

Package Linux Kernel

Published 2026-06-24

Last modified 2026-06-24

Patch available

Yes

Affected versions

Linux kernel versions 5.15 and later are affected. Fixed in 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.

Affected from

≥ 5.15

Fixed in

✓ 5.15.209 5.15.x ✓ 6.1.175 6.1.x ✓ 6.6.141 6.6.x ✓ 6.12.91 6.12.x ✓ 6.18.33 6.18.x ✓ 7.0.10 7.0.x ✓ 7.1

References

7 total

Showing 5 of 7 references View all on NVD

Frequently asked questions

What is CVE-2026-53046?

CVE-2026-53046 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.15 onward and has been patched in 5.15.209, 6.1.175, 6.6.141 and others. CVE-2026-53046 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-53046?

Yes — CVE-2026-53046 has been patched. Fixed versions include 5.15.209, 6.1.175, 6.6.141 and others. If you are running Linux kernel 5.15 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-53046 actively exploited?

No — CVE-2026-53046 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.