{"id":"CVE-2026-53295","summary":"mailbox: add sanity check for channel array","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: add sanity check for channel array\n\nFail gracefully if there is no channel array attached to the mailbox\ncontroller. Otherwise the later dereference will cause an OOPS which\nmight not be seen because mailbox controllers might instantiate very\nearly. Remove the comment explaining the obvious while here.","modified":"2026-07-09T03:52:03.189295232Z","published":"2026-06-26T19:40:53.670Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53295.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0f11444271110d9b5bc6316a153c6431abda899c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/14aed0d4e58389cc6a88acf8610b12d3e476272b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/37792091ab28ba030fd8d61184c47d4d51294170"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5cc3300fab262b26c28bc2fc06df693410c3840b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6362c4a7d7e21e68cd9aa04df7cde16befba3a4b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9dd7489943324298bb0f385495795a82f1dd6507"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c1aad75595fb67edc7fda8af249d3b886efa1be9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d44872a569b8fbacde457ff2587a775e5004bb79"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53295.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-53295"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2b6d83e2b8b7de82331a6a1dcd64b51020a6031c"},{"fixed":"5cc3300fab262b26c28bc2fc06df693410c3840b"},{"fixed":"0f11444271110d9b5bc6316a153c6431abda899c"},{"fixed":"d44872a569b8fbacde457ff2587a775e5004bb79"},{"fixed":"14aed0d4e58389cc6a88acf8610b12d3e476272b"},{"fixed":"6362c4a7d7e21e68cd9aa04df7cde16befba3a4b"},{"fixed":"9dd7489943324298bb0f385495795a82f1dd6507"},{"fixed":"37792091ab28ba030fd8d61184c47d4d51294170"},{"fixed":"c1aad75595fb67edc7fda8af249d3b886efa1be9"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53295.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.18.0"},{"fixed":"5.10.258"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.209"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.175"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.141"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.91"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.33"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53295.json"}}],"schema_version":"1.7.5"}