CVE-2026-52979

ANALYSIS PENDING

net: psp: check for device unregister when creating assoc

Title source: cna
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc psp_assoc_device_get_locked() obtains a psp_dev reference via psp_dev_get_for_sock() (which uses psp_dev_tryget() under RCU); it then acquires psd->lock and drops the reference. Before the lock is taken, psp_dev_unregister() can run to completion: take psd->lock, clear out state, unlock, drop the registration reference. The expectation is that the lock prevents device unregistration, but much like with netdevs special care has to be taken when "upgrading" a reference to a locked device. Add the missing check if device is still alive. psp_dev_is_registered() exists already but had no callers, which makes me wonder if I either forgot to add this or lost the check during refactoring...

Scores

EPSS 0.0017
EPSS Percentile 6.1%

Details

Status published
Products (10)
linux/Kernel 6.18.0 - 6.18.33linux
linux/Kernel 6.19.0 - 7.0.10linux
Linux/Linux < 6.18
Linux/Linux 6.18
Linux/Linux 6.18.33 - 6.18.*
Linux/Linux 6b46ca260e2290e3453d1355ab5b6d283d73d780 - b89769f936a8fa9e66de72ddc1b71a9745a488e6
Linux/Linux 6b46ca260e2290e3453d1355ab5b6d283d73d780 - d90df5ce6deb2424de3ad89bcc693ac1b67accc9
Linux/Linux 6b46ca260e2290e3453d1355ab5b6d283d73d780 - e201c57073e624dd2ba5beaf9eda31e19b77b332
Linux/Linux 7.0.10 - 7.0.*
Linux/Linux 7.1
Published Jun 24, 2026
Tracked Since Jun 24, 2026