Skip to main content

Linux Kernel CVE-2026-53172

| EUVDEUVD-2026-39263 HIGH
Out-of-bounds Read (CWE-125)
2026-06-25 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-jf8x-7724-7vrr
7.8
CVSS 3.1 · Vendor: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Share

Severity by source

Vendor (416baaa9-dc9f-4396-8d5f-8c081fb06d67) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
7.8 HIGH

Requires local access to the NPU accel device node so AV:L/PR:L; the deterministic mask typo makes triggering trivial (AC:L), and a controlled kernel-heap overwrite yields full C/I/A impact.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (416baaa9-dc9f-4396-8d5f-8c081fb06d67).

CVSS VectorVendor: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Analysis Generated
Jun 28, 2026 - 09:19 vuln.today
CVSS changed
Jun 28, 2026 - 08:22 NVD
7.8 (HIGH)
Patch available
Jun 25, 2026 - 10:32 EUVD
CVE Published
Jun 25, 2026 - 09:16 cve.org
UNKNOWN (no severity yet)
CVE Published
Jun 25, 2026 - 09:16 cve.org
HIGH 7.8

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

accel/ethosu: fix IFM region index out-of-bounds in command stream parser

NPU_SET_IFM_REGION extracts the region index with param & 0x7f, giving a maximum value of 127. However region_size[] and output_region[] in struct ethosu_validated_cmdstream_info are both sized to NPU_BASEP_REGION_MAX (8), giving valid indices [0..7].

Every other region assignment in the same switch uses param & 0x7: NPU_SET_OFM_REGION: st.ofm.region = param & 0x7; NPU_SET_IFM2_REGION: st.ifm2.region = param & 0x7; NPU_SET_WEIGHT_REGION: st.weight[0].region = param & 0x7; NPU_SET_SCALE_REGION: st.scale[0].region = param & 0x7;

The 0x7f mask on IFM is inconsistent and appears to be a typo.

feat_matrix_length() and calc_sizes() use the region index directly as an array subscript into the kzalloc'd info struct: info->region_size[fm->region] = max(...);

A userspace caller supplying NPU_SET_IFM_REGION with param > 7 causes a write up to 127*8 = 1016 bytes past the start of region_size[], corrupting adjacent kernel heap data.

Fix by applying the same & 0x7 mask used by all other region assignments.

AnalysisAI

Heap out-of-bounds write in the Linux kernel's Arm Ethos-U NPU accelerator driver (accel/ethosu) lets a local user with access to the NPU device corrupt adjacent kernel heap memory. The command-stream parser masks the IFM region index with 0x7f (max 127) instead of 0x7 (max 7) like every other region assignment, so a crafted NPU_SET_IFM_REGION opcode with param > 7 indexes far past the 8-entry region_size[]/output_region[] arrays, writing up to ~1016 bytes beyond the allocation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain local access to NPU accel device node
Delivery
Craft command stream with NPU_SET_IFM_REGION param > 7
Exploit
Submit stream, IFM region index escapes 0-7 bounds
Execution
Out-of-bounds write past region_size[] into heap
Persist
Corrupt adjacent SLUB objects
Impact
Escalate privileges or crash kernel

Vulnerability AssessmentAI

Exploitation Exploitation requires local access to a system whose kernel has the accel/ethosu (Arm Ethos-U NPU) driver loaded and an accessible accel device node, plus the ability to submit a command stream containing the NPU_SET_IFM_REGION opcode with the region parameter set greater than 7 (8-127). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are broadly consistent and point to a real but access-gated local privilege-escalation/DoS risk rather than a mass-exploitation event. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user (or a sandboxed/compromised process granted access to the NPU accel device) opens the Ethos-U device node and submits a malicious command stream containing NPU_SET_IFM_REGION with a region parameter between 8 and 127. The parser writes region metadata far beyond region_size[], corrupting adjacent SLUB heap objects, which an attacker can shape to achieve denial of service or, with careful heap grooming, kernel privilege escalation. …
Remediation Upstream fix available (commits 00f547e0dfecf83014fb32bcba587c6b684c1362 and ee7bed779def61ebff1b92b0e851f412176fa416), which replaces the `param & 0x7f` IFM region mask with `param & 0x7` to match the other region assignments; update to a stable kernel that includes these commits (EUVD references patched 7.0.13 and 7.1 lines) - verify against your distribution's backport before deploying. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems with Arm Ethos-U NPU accelerators (focus on edge AI inference platforms, ML accelerator appliances, and IoT gateways). …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-53172 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy