In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Bound root directory content to block size
__tb_property_parse_dir() does not check that content_offset +
content_len fits within block_len for the root directory case.
When rootdir->length equals or exceeds block_len - 2, the entry
loop reads past the allocated property block.
Add a bounds check after computing content_offset and content_len
to reject directories whose content extends past the block.
CVSS
No CVSS.
References
Configurations
No configuration.
History
25 Jun 2026, 09:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 09:16
Updated : 2026-06-30 14:44
NVD link : CVE-2026-53149
Mitre link : CVE-2026-53149
CVE.ORG link : CVE-2026-53149
JSON object : View
Products Affected
No product.
CWE
No CWE.
