CVE-2026-53188 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_ucaps() Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same dev_t it can masquerade as a ucap cdev fd. Test the f_ops to only accept authentic cdevs.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4a1b1ac2744694a2ecd66a84bdb1445f4ef24bee
https://git.kernel.org/stable/c/96b6e98ff12d50ed5817230c6f1188e1150d225d
https://git.kernel.org/stable/c/aa181287ebdcc53ee0ba5c2f8243e2d541ebc19b

History

Thu, 25 Jun 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_ucaps() Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same dev_t it can masquerade as a ucap cdev fd. Test the f_ops to only accept authentic cdevs.
Title		RDMA/core: Validate the passed in fops for ib_get_ucaps()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4a1b1ac2744694a2ecd66a84bdb1445f4ef24bee https://git.kernel.org/stable/c/96b6e98ff12d50ed5817230c6f1188e1150d225d https://git.kernel.org/stable/c/aa181287ebdcc53ee0ba5c2f8243e2d541ebc19b

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-25T08:39:00.960Z

Updated: 2026-06-25T08:39:00.960Z

Reserved: 2026-06-09T07:44:35.390Z

Link: CVE-2026-53188

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53188", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.390Z", "datePublished": "2026-06-25T08:39:00.960Z", "dateUpdated": "2026-06-25T08:39:00.960Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-25T08:39:00.960Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Validate the passed in fops for ib_get_ucaps()\n\nSashiko pointed out it is not safe to rely only on the devt because\nchar/block alias so if the user finds a block device with the same dev_t\nit can masquerade as a ucap cdev fd.\n\nTest the f_ops to only accept authentic cdevs."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/core/ucaps.c"], "versions": [{"version": "61e51682816d395307f78ae06d640089054c28ab", "lessThan": "96b6e98ff12d50ed5817230c6f1188e1150d225d", "status": "affected", "versionType": "git"}, {"version": "61e51682816d395307f78ae06d640089054c28ab", "lessThan": "aa181287ebdcc53ee0ba5c2f8243e2d541ebc19b", "status": "affected", "versionType": "git"}, {"version": "61e51682816d395307f78ae06d640089054c28ab", "lessThan": "4a1b1ac2744694a2ecd66a84bdb1445f4ef24bee", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/core/ucaps.c"], "versions": [{"version": "6.15", "status": "affected"}, {"version": "0", "lessThan": "6.15", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.36", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.13", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "6.18.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "7.0.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.15", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/96b6e98ff12d50ed5817230c6f1188e1150d225d"}, {"url": "https://git.kernel.org/stable/c/aa181287ebdcc53ee0ba5c2f8243e2d541ebc19b"}, {"url": "https://git.kernel.org/stable/c/4a1b1ac2744694a2ecd66a84bdb1445f4ef24bee"}], "title": "RDMA/core: Validate the passed in fops for ib_get_ucaps()", "x_generator": {"engine": "bippy-1.2.0"}}}}