Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size __tb_property_parse_dir() does not check that content_offset + content_len fits within block_len for the root directory case. When rootdir->length equals or exceeds block_len - 2, the entry loop reads past the allocated property block. Add a bounds check after computing content_offset and content_len to reject directories whose content extends past the block.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 7.4%
CVSS Severity
CVSS v3 Score 7.1
Products affected by CVE-2026-53149


Contact Us

Shodan ® - All rights reserved