PCI: use generic driver_override infrastructure

Description

A vulnerability, classified as critical, was found in Linux Kernel up to 6.12.90/6.18.32/7.0.9. Impacted is the function __driver_attach of the component PCI. Such manipulation of the argument driver_override leads to use after free. This vulnerability is documented as CVE-2026-53120. The attack requires being on the local network.

Affected Products

Vendor	Product	Versions
linux	linux kernel	782a985d7af26db39e86070d28f987cad21313c0, 782a985d7af26db39e86070d28f987cad21313c0, 782a985d7af26db39e86070d28f987cad21313c0, 782a985d7af26db39e86070d28f987cad21313c0, 3.16, 6.12.90, 6.18.32, 7.0.9

References

Related News (3 articles)

Tier A

Microsoft MSRC2h ago

CVE-2026-53120 PCI: use generic driver_override infrastructure

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-53120 | Linux Kernel up to 6.12.90/6.18.32/7.0.9 PCI __driver_attach driver_override use after free

→ No new info (linked only)

Tier C

Linux Kernel CVEs3d ago

CVE-2026-53120: PCI: use generic driver_override infrastructure

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

dfe950d9464cad609f3b118c6203e2708055bc6158a42be0d70307d765594fc581f5f5e5ef059712c5b2c5755495507e14f310c2653c85de0a309b1f10a4206a24013be4d558d476010cbf2eb4c9fa6406.12.916.18.337.0.107.1

PublishedJun 24, 2026

Last enriched3d agov2

Trending Score65

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack