CVE-2026-53298 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue() If queue entry or DMA descriptor list allocation fails in airoha_qdma_init_rx_queue routine, airoha_qdma_cleanup() will trigger a NULL pointer dereference running netif_napi_del() for RX queue NAPIs since netif_napi_add() has never been executed to this particular RX NAPI. The issue is due to the early ndesc initialization in airoha_qdma_init_rx_queue() since airoha_qdma_cleanup() relies on ndesc value to check if the queue is properly initialized. Fix the issue moving ndesc initialization at end of airoha_qdma_init_tx routine. Move page_pool allocation after descriptor list allocation in order to avoid memory leaks if desc allocation fails.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/14dc48e5ba73d5c69559bf1a1a6884f7843aade7
https://git.kernel.org/stable/c/379050947a1828826ad7ea50c95245a56929b35a
https://git.kernel.org/stable/c/4d4acfa348a1d8c0941004823662ede0fdb5dea5
https://git.kernel.org/stable/c/d36be272adda7f313e39dd118086955d993bf6a7

History

Fri, 26 Jun 2026 22:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-476

Fri, 26 Jun 2026 20:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue() If queue entry or DMA descriptor list allocation fails in airoha_qdma_init_rx_queue routine, airoha_qdma_cleanup() will trigger a NULL pointer dereference running netif_napi_del() for RX queue NAPIs since netif_napi_add() has never been executed to this particular RX NAPI. The issue is due to the early ndesc initialization in airoha_qdma_init_rx_queue() since airoha_qdma_cleanup() relies on ndesc value to check if the queue is properly initialized. Fix the issue moving ndesc initialization at end of airoha_qdma_init_tx routine. Move page_pool allocation after descriptor list allocation in order to avoid memory leaks if desc allocation fails.
Title		net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/14dc48e5ba73d5c69559bf1a1a6884f7843aade7 https://git.kernel.org/stable/c/379050947a1828826ad7ea50c95245a56929b35a https://git.kernel.org/stable/c/4d4acfa348a1d8c0941004823662ede0fdb5dea5 https://git.kernel.org/stable/c/d36be272adda7f313e39dd118086955d993bf6a7

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-26T19:40:55.867Z

Updated: 2026-06-26T19:40:55.867Z

Reserved: 2026-06-09T07:44:35.396Z

Link: CVE-2026-53298

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-27T02:15:09Z

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object