CVE-2026-53052 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing witout check could lead to incorrect memory access.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1ac96689ce2984f4f6ef8892fcb65da377408421
https://git.kernel.org/stable/c/296810e91f21a21794886c57f954495d8afd7f32
https://git.kernel.org/stable/c/6d2491a585202a967ed91f30ec5960024f2536d0
https://git.kernel.org/stable/c/8e8cd78b6000c9d19db249a5a68287158f288ef3
https://git.kernel.org/stable/c/a1a24d4b8c9682f9b7a9138f636ff004c721aef1
https://git.kernel.org/stable/c/d5bfdd28e0cdd45043ae6e0ac168a451d59283dc

History

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing witout check could lead to incorrect memory access.
Title		ASoC: qcom: qdsp6: topology: check widget type before accessing data
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1ac96689ce2984f4f6ef8892fcb65da377408421 https://git.kernel.org/stable/c/296810e91f21a21794886c57f954495d8afd7f32 https://git.kernel.org/stable/c/6d2491a585202a967ed91f30ec5960024f2536d0 https://git.kernel.org/stable/c/8e8cd78b6000c9d19db249a5a68287158f288ef3 https://git.kernel.org/stable/c/a1a24d4b8c9682f9b7a9138f636ff004c721aef1 https://git.kernel.org/stable/c/d5bfdd28e0cdd45043ae6e0ac168a451d59283dc

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:29:58.030Z

Updated: 2026-06-24T16:29:58.030Z

Reserved: 2026-06-09T07:44:35.381Z

Link: CVE-2026-53052

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53052", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.381Z", "datePublished": "2026-06-24T16:29:58.030Z", "dateUpdated": "2026-06-24T16:29:58.030Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-24T16:29:58.030Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: qdsp6: topology: check widget type before accessing data\n\nCheck widget type before accessing the private data, as this could a\nvirtual widget which is no associated with a dsp graph, container and\nmodule. Accessing witout check could lead to incorrect memory access."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/qcom/qdsp6/topology.c"], "versions": [{"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "8e8cd78b6000c9d19db249a5a68287158f288ef3", "status": "affected", "versionType": "git"}, {"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "1ac96689ce2984f4f6ef8892fcb65da377408421", "status": "affected", "versionType": "git"}, {"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "296810e91f21a21794886c57f954495d8afd7f32", "status": "affected", "versionType": "git"}, {"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "a1a24d4b8c9682f9b7a9138f636ff004c721aef1", "status": "affected", "versionType": "git"}, {"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "6d2491a585202a967ed91f30ec5960024f2536d0", "status": "affected", "versionType": "git"}, {"version": "36ad9bf1d93d66b901342eab9f8ed6c1537655a6", "lessThan": "d5bfdd28e0cdd45043ae6e0ac168a451d59283dc", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/qcom/qdsp6/topology.c"], "versions": [{"version": "5.16", "status": "affected"}, {"version": "0", "lessThan": "5.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.175", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.141", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.91", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.1.175"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.6.141"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.12.91"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "6.18.33"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8e8cd78b6000c9d19db249a5a68287158f288ef3"}, {"url": "https://git.kernel.org/stable/c/1ac96689ce2984f4f6ef8892fcb65da377408421"}, {"url": "https://git.kernel.org/stable/c/296810e91f21a21794886c57f954495d8afd7f32"}, {"url": "https://git.kernel.org/stable/c/a1a24d4b8c9682f9b7a9138f636ff004c721aef1"}, {"url": "https://git.kernel.org/stable/c/6d2491a585202a967ed91f30ec5960024f2536d0"}, {"url": "https://git.kernel.org/stable/c/d5bfdd28e0cdd45043ae6e0ac168a451d59283dc"}], "title": "ASoC: qcom: qdsp6: topology: check widget type before accessing data", "x_generator": {"engine": "bippy-1.2.0"}}}}