
CVE-2026-53336 - nvmem: layouts: onie-tlv: fix hang on unknown types

AI Predicted 3.3 Difficulty: Moderate EPSS 0.16% · P5

Possible ATT&CK Techniques (1, AI)

T1003 · OS Credential Dumping

Affected Version Matrix (12)

| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d < 033d498b0f473c6456be5f885be172024ad84972 | affected |
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d < fd47edeabadfaa75422009dc5894e92c4c697517 | affected |
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d < 4a4d21f531ccf5bb333d99b620e0d66551f3652c | affected |
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d < 4f27eb01619c36cc8e3ce9a2a9af97f145f5d1c6 | affected |
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d < ea41020b9018e31c2ea7e9d89021e3e6d7470883 | affected |
| Linux | Linux | 6.4 | affected |
| Linux | Linux | < 6.4 | unaffected |
| Linux | Linux | 6.6.143 ≤ 6.6.* | unaffected |

… +4 more rows

I. Basic Information for CVE-2026-53336

Vulnerability Information


Vulnerability Title
nvmem: layouts: onie-tlv: fix hang on unknown types
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved:

nvmem: layouts: onie-tlv: fix hang on unknown types

The EEPROM on my board has a vendor specific entry of type 0x41. When stumbling upon that, this driver hangs in an endless loop. Fix it by keep incrementing the offset on unknown entries, so the loop will eventually stop.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel security vulnerability
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
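Linux kernel is an open-source operating system kernel from the Linux Foundation (USA). Linux kernel version 6.4 contains a security vulnerability that stems from the onie-tlv layout driver not correctly incrementing the offset when processing entries of unknown type, which may lead to an infinite loop.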
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

| Vendor | Product | Affected Versions | CPE |
|---|---|---|---|
| Linux | Linux | d3c0d12f6474216bf386101e2449cc73e5c5b61d ~ 033d498b0f473c6456be5f885be172024ad84972 | - |
| Linux | Linux | 6.4 | - |

II. Public POCs for CVE-2026-53336

No public POC found.


III. Intelligence Information for CVE-2026-53336


Patches & Fixes for CVE-2026-53336 (5)

Same Patch Batch · Linux · 2026-07-01 · 31 CVEs total

CVE-2026-53342 - arm64: mm: call pagetable dtor when freeing hot-removed page tables
CVE-2026-53326 - debugobjects: Don't call fill_pool() in early boot hardirq context
CVE-2026-53327 - debugobjects: Do not fill_pool() if pi_blocked_on
CVE-2026-53328 - sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task()
CVE-2026-53329 - drm/amd/display: Use krealloc_array() in dal_vector_reserve()
CVE-2026-53330 - drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()
CVE-2026-53331 - slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock
CVE-2026-53332 - slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd
CVE-2026-53334 - mm/damon/reclaim: handle ctx allocation failure
CVE-2026-53333 - mm/mincore: handle non-swap entries before !CONFIG_SWAP guard
CVE-2026-53335 - mm/damon/lru_sort: handle ctx allocation failure
CVE-2026-53337 - net: bonding: fix NULL pointer dereference in bond_do_ioctl()
CVE-2026-53338 - net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues()
CVE-2026-53340 - i2c: imx: fix clock and pinctrl state inconsistency in runtime PM
CVE-2026-53339 - i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()
CVE-2026-53356 - drm/i915/gem: Fix phys BO pread/pwrite with offset
CVE-2026-53341 - fhandle: fix UAF due to unlocked ->mnt_ns read in may_decode_fh()
CVE-2026-53343 - ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow
CVE-2026-53344 - pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init
CVE-2026-53345 - KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying

Showing top 20 of 31 CVEs.
