Home

Description

In the Linux kernel, the following vulnerability has been resolved: net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state (PSP version configuration and cryptographic key material, respectively) but do not require CAP_NET_ADMIN. The only access control is psp_dev_check_access() which merely verifies netns membership.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-24 | Updated 2026-06-24 | Assigner Linux

Product status

Default status
unaffected

00c94ca2b99e6610e483f92e531b319eeaed94aa (git) before aa1a08a4632af5d1117779e7ff0e32e3c69f29bd
affected

00c94ca2b99e6610e483f92e531b319eeaed94aa (git) before fb88a8c86109edb15971481e3de816a8bfdfe571
affected

00c94ca2b99e6610e483f92e531b319eeaed94aa (git) before b718342a7fbaa2dff5fefc31988c07af8c6cbc21
affected

Default status
affected

6.18
affected

Any version before 6.18
unaffected

6.18.33 (semver)
unaffected

7.0.10 (semver)
unaffected

7.1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/aa1a08a4632af5d1117779e7ff0e32e3c69f29bd

git.kernel.org/...c/fb88a8c86109edb15971481e3de816a8bfdfe571

git.kernel.org/...c/b718342a7fbaa2dff5fefc31988c07af8c6cbc21

cve.org (CVE-2026-52978)

nvd.nist.gov (CVE-2026-52978)

Download JSON