CVE-2026-53298
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2026
Last modified:
30/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue()<br />
<br />
If queue entry or DMA descriptor list allocation fails in<br />
airoha_qdma_init_rx_queue routine, airoha_qdma_cleanup() will trigger a<br />
NULL pointer dereference running netif_napi_del() for RX queue NAPIs<br />
since netif_napi_add() has never been executed to this particular RX NAPI.<br />
The issue is due to the early ndesc initialization in<br />
airoha_qdma_init_rx_queue() since airoha_qdma_cleanup() relies on ndesc<br />
value to check if the queue is properly initialized. Fix the issue moving<br />
ndesc initialization at end of airoha_qdma_init_tx routine.<br />
Move page_pool allocation after descriptor list allocation in order to<br />
avoid memory leaks if desc allocation fails.



