CVE-2026-53299
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
In the Linux kernel, a vulnerability was found in the airoha network driver. Early initialization of the ndesc variable in airoha_qdma_init_tx_queue() causes a NULL pointer dereference in airoha_qdma_cleanup_tx_queue() when queue entry list allocation fails.
Risk Assessment
The vulnerability can cause a system crash (kernel panic) due to NULL pointer dereference, posing a risk of service disruption on the server.
Recommendation
Update the Linux kernel to a version containing the fix that moves ndesc initialization to the end of airoha_qdma_init_tx().
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_tx() If queue entry list allocation fails in airoha_qdma_init_tx_queue routine, airoha_qdma_cleanup_tx_queue() will trigger a NULL pointer dereference accessing the queue entry array. The issue is due to the early ndesc initialization in airoha_qdma_init_tx_queue(). Fix the issue moving ndesc initialization at end of airoha_qdma_init_tx routine.

