Skip to main content

Linux Kernel CVE-2026-53086

| EUVDEUVD-2026-38954 CRITICAL
2026-06-24 Linux GHSA-39xw-f64j-hqp8
9.8
CVSS 3.1 · Vendor: Linux
Share

Severity by source

Vendor (Linux) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
4.7 MEDIUM

Triggering needs a local TX stall the attacker cannot reliably control (AV:L/AC:H/PR:L); impact is a race-induced crash, so A:H with no confidentiality or integrity effect.

3.1 AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
4.0 AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Linux).

CVSS VectorVendor: Linux

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 28, 2026 - 09:07 vuln.today
CVSS changed
Jun 28, 2026 - 08:22 NVD
9.8 (CRITICAL)
Patch available
Jun 24, 2026 - 18:02 EUVD
CVE Published
Jun 24, 2026 - 16:30 cve.org
CRITICAL 9.8
CVE Published
Jun 24, 2026 - 16:30 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

net: bcmgenet: fix racing timeout handler

The bcmgenet_timeout handler tries to take down all tx queues when a single queue times out. This is over zealous and causes many race conditions with queues that are still chugging along. Instead lets only restart the timed out queue.

AnalysisAI

Denial of service in the Linux kernel's Broadcom GENET (bcmgenet) Ethernet driver arises because the bcmgenet_timeout handler tears down all transmit queues when only a single queue times out, racing against queues still actively transmitting. The flaw affects systems using Broadcom GENET NICs (e.g. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach Broadcom GENET interface with traffic
Delivery
Induce TX queue stall/timeout
Exploit
Watchdog tears down all queues amid active TX
Execution
Race corrupts driver/queue state
Impact
Kernel networking crash or hang (DoS)

Vulnerability AssessmentAI

Exploitation Exploitation requires the target to be running the Linux kernel with the bcmgenet driver active on Broadcom GENET Ethernet hardware (e.g. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals conflict sharply and this is a high-CVSS-but-low-real-risk case. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker or adverse network condition induces a transmit stall on one bcmgenet TX queue (for example via heavy or malformed traffic that stalls the NIC), causing the watchdog to fire and the buggy handler to tear down all queues while others are mid-transmission. The resulting race corrupts driver state and can crash or hang the networking stack, producing a denial of service on the affected Broadcom GENET device. …
Remediation Update to a kernel containing the fix: Vendor-released patch versions are 6.1.175, 6.6.141, 6.12.91, 6.18.33 or 7.0.10 (or later) on the corresponding stable branches; pull the specific patch from the kernel.org stable commits (e.g. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running Broadcom GENET NICs (Raspberry Pi 4/CM4, Broadcom set-top boxes) in your infrastructure. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-53086 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy