{"api_version":"1","generated_at":"2026-07-09T13:08:14+00:00","cve":"CVE-2026-53086","urls":{"html":"https://cve.report/CVE-2026-53086","api":"https://cve.report/api/cve/CVE-2026-53086.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-53086","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-53086"},"summary":{"title":"net: bcmgenet: fix racing timeout handler","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmgenet: fix racing timeout handler\n\nThe bcmgenet_timeout handler tries to take down all tx queues when\na single queue times out. This is over zealous and causes many race\nconditions with queues that are still chugging along. Instead lets\nonly restart the timed out queue.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-06-24 17:17:22","updated_at":"2026-06-28 08:16:33"},"problem_types":[],"metrics":[{"version":"3.1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"DECLARED","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://git.kernel.org/stable/c/681fdfe823b4f1036ed50b58b8838c7917ea389c","name":"https://git.kernel.org/stable/c/681fdfe823b4f1036ed50b58b8838c7917ea389c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e85b0c0a12e967930044608311471b665baa315c","name":"https://git.kernel.org/stable/c/e85b0c0a12e967930044608311471b665baa315c","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/7ce1c26aac3b318886a57425f64b522da7389153","name":"https://git.kernel.org/stable/c/7ce1c26aac3b318886a57425f64b522da7389153","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/c270e2bec3e55a716d25c35341091339457ac883","name":"https://git.kernel.org/stable/c/c270e2bec3e55a716d25c35341091339457ac883","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/5393b2b5bee2ac51a0043dc7f4ac3475f053d08d","name":"https://git.kernel.org/stable/c/5393b2b5bee2ac51a0043dc7f4ac3475f053d08d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/e8206538cbaf4f4068e99a4cb1138690a1e00499","name":"https://git.kernel.org/stable/c/e8206538cbaf4f4068e99a4cb1138690a1e00499","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-53086","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-53086","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 e85b0c0a12e967930044608311471b665baa315c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 e8206538cbaf4f4068e99a4cb1138690a1e00499 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 681fdfe823b4f1036ed50b58b8838c7917ea389c git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 c270e2bec3e55a716d25c35341091339457ac883 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 7ce1c26aac3b318886a57425f64b522da7389153 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 13ea657806cf73b379a0109f7042182f47c351a7 5393b2b5bee2ac51a0043dc7f4ac3475f053d08d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 4.2","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 4.2 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.175 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.6.141 6.6.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.12.91 6.12.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.33 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.10 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"53086","cve":"CVE-2026-53086","epss":"0.003860000","percentile":"0.304110000","score_date":"2026-06-30","updated_at":"2026-07-01 00:05:17"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["drivers/net/ethernet/broadcom/genet/bcmgenet.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"e85b0c0a12e967930044608311471b665baa315c","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"},{"lessThan":"e8206538cbaf4f4068e99a4cb1138690a1e00499","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"},{"lessThan":"681fdfe823b4f1036ed50b58b8838c7917ea389c","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"},{"lessThan":"c270e2bec3e55a716d25c35341091339457ac883","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"},{"lessThan":"7ce1c26aac3b318886a57425f64b522da7389153","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"},{"lessThan":"5393b2b5bee2ac51a0043dc7f4ac3475f053d08d","status":"affected","version":"13ea657806cf73b379a0109f7042182f47c351a7","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["drivers/net/ethernet/broadcom/genet/bcmgenet.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"4.2"},{"lessThan":"4.2","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.175","versionType":"semver"},{"lessThanOrEqual":"6.6.*","status":"unaffected","version":"6.6.141","versionType":"semver"},{"lessThanOrEqual":"6.12.*","status":"unaffected","version":"6.12.91","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.33","versionType":"semver"},{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.10","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.175","versionStartIncluding":"4.2","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6.141","versionStartIncluding":"4.2","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.12.91","versionStartIncluding":"4.2","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.33","versionStartIncluding":"4.2","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.10","versionStartIncluding":"4.2","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1","versionStartIncluding":"4.2","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmgenet: fix racing timeout handler\n\nThe bcmgenet_timeout handler tries to take down all tx queues when\na single queue times out. This is over zealous and causes many race\nconditions with queues that are still chugging along. Instead lets\nonly restart the timed out queue."}],"metrics":[{"cvssV3_1":{"baseScore":9.8,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"providerMetadata":{"dateUpdated":"2026-06-28T06:39:08.441Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/e85b0c0a12e967930044608311471b665baa315c"},{"url":"https://git.kernel.org/stable/c/e8206538cbaf4f4068e99a4cb1138690a1e00499"},{"url":"https://git.kernel.org/stable/c/681fdfe823b4f1036ed50b58b8838c7917ea389c"},{"url":"https://git.kernel.org/stable/c/c270e2bec3e55a716d25c35341091339457ac883"},{"url":"https://git.kernel.org/stable/c/7ce1c26aac3b318886a57425f64b522da7389153"},{"url":"https://git.kernel.org/stable/c/5393b2b5bee2ac51a0043dc7f4ac3475f053d08d"}],"title":"net: bcmgenet: fix racing timeout handler","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-53086","datePublished":"2026-06-24T16:30:26.111Z","dateReserved":"2026-06-09T07:44:35.384Z","dateUpdated":"2026-06-28T06:39:08.441Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-24 17:17:22","lastModifiedDate":"2026-06-28 08:16:33","problem_types":[],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"53086","Ordinal":"1","Title":"net: bcmgenet: fix racing timeout handler","CVE":"CVE-2026-53086","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"53086","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmgenet: fix racing timeout handler\n\nThe bcmgenet_timeout handler tries to take down all tx queues when\na single queue times out. This is over zealous and causes many race\nconditions with queues that are still chugging along. Instead lets\nonly restart the timed out queue.","Type":"Description","Title":"net: bcmgenet: fix racing timeout handler"}]}}}