CVE-2026-53336

medium

Description

In the Linux kernel, the following vulnerability has been resolved: nvmem: layouts: onie-tlv: fix hang on unknown types The EEPROM on my board has a vendor specific entry of type 0x41. When stumbling upon that, this driver hangs in an endless loop. Fix it by keep incrementing the offset on unknown entries, so the loop will eventually stop.

References

https://git.kernel.org/stable/c/fd47edeabadfaa75422009dc5894e92c4c697517

https://git.kernel.org/stable/c/ea41020b9018e31c2ea7e9d89021e3e6d7470883

https://git.kernel.org/stable/c/4f27eb01619c36cc8e3ce9a2a9af97f145f5d1c6

https://git.kernel.org/stable/c/4a4d21f531ccf5bb333d99b620e0d66551f3652c

https://git.kernel.org/stable/c/033d498b0f473c6456be5f885be172024ad84972

Details

Source: Mitre, NVD

Published: 2026-07-01

Updated: 2026-07-01

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium