PT-2026-54805 · Linux · Linux Kernel
Published
2026-07-01
·
Updated
2026-07-02
·
CVE-2026-53337
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A NULL pointer dereference exists in the
bond do ioctl() function. The issue occurs because the slave dbg() macro is called before the system verifies if the slave dev variable is NULL. When a user provides a non-existent slave interface name through the bonding ioctl interface (such as SIOCBONDENSLAVE or SIOCBONDRELEASE), the slave dbg() macro attempts to access slave dev->name, leading to a kernel oops. This can be triggered by a local user with CAP NET ADMIN capabilities, potentially resulting in a local denial-of-service.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel