CVE-2026-53306
In the Linux kernel, the following vulnerability has been resolved: tty: hvc_iucv: fix off-by-one in number of supported devices MAX_HVC_IUCV_LINES == HVC_ALLOC_TTY_ADAPTERS == 8. This is the number of entries in: static struct hvc_iucv_private *hvc_iucv_table[MAX_HVC_IUCV_LINES]; Sometimes hvc_iucv_table[] is limited by: (a) if (num > hvc_iucv_devices) // for error detection or (b) for (i = 0; i < hvc_iucv_devices; i++) // in 2 places (so these 2 don't agree; second one appears to be correct to me.) hvc_iucv_devices can be 0..8. This is a counter. (c) if (hvc_iucv_devices > MAX_HVC_IUCV_LINES) If hvc_iucv_devices == 8, (a) allows the code to access hvc_iucv_table[8]. Oops.
Affected versions
Linux kernel versions
2.6.29
and later are affected. Fixed in
5.10.258,
5.15.209,
6.1.175,
6.6.141,
6.12.91,
6.18.33,
7.0.10,
7.1
and their respective stable series.
References
8 totalFrequently asked questions
-
What is CVE-2026-53306?
CVE-2026-53306 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 2.6.29 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-53306 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
Is there a patch available for CVE-2026-53306?
Yes — CVE-2026-53306 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 2.6.29 or later up to the fix versions, apply the relevant patch for your kernel branch.
-
Is CVE-2026-53306 actively exploited?
No — CVE-2026-53306 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.