nvmem: layouts: onie-tlv: fix hang on unknown types
Summary
| CVE | CVE-2026-53336 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-01 14:16:41 UTC |
| Updated | 2026-07-01 14:16:41 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: nvmem: layouts: onie-tlv: fix hang on unknown types The EEPROM on my board has a vendor specific entry of type 0x41. When stumbling upon that, this driver hangs in an endless loop. Fix it by keep incrementing the offset on unknown entries, so the loop will eventually stop. |
Risk And Classification
EPSS: 0.001560000 probability, percentile 0.051930000 (date 2026-07-04)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected d3c0d12f6474216bf386101e2449cc73e5c5b61d 033d498b0f473c6456be5f885be172024ad84972 git | Not specified |
| CNA | Linux | Linux | affected d3c0d12f6474216bf386101e2449cc73e5c5b61d fd47edeabadfaa75422009dc5894e92c4c697517 git | Not specified |
| CNA | Linux | Linux | affected d3c0d12f6474216bf386101e2449cc73e5c5b61d 4a4d21f531ccf5bb333d99b620e0d66551f3652c git | Not specified |
| CNA | Linux | Linux | affected d3c0d12f6474216bf386101e2449cc73e5c5b61d 4f27eb01619c36cc8e3ce9a2a9af97f145f5d1c6 git | Not specified |
| CNA | Linux | Linux | affected d3c0d12f6474216bf386101e2449cc73e5c5b61d ea41020b9018e31c2ea7e9d89021e3e6d7470883 git | Not specified |
| CNA | Linux | Linux | affected 6.4 | Not specified |
| CNA | Linux | Linux | unaffected 6.4 semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.143 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.94 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.36 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.13 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/ea41020b9018e31c2ea7e9d89021e3e6d7470883 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/4a4d21f531ccf5bb333d99b620e0d66551f3652c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/4f27eb01619c36cc8e3ce9a2a9af97f145f5d1c6 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/033d498b0f473c6456be5f885be172024ad84972 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/fd47edeabadfaa75422009dc5894e92c4c697517 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.