Home

Description

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard mana_remove against double invocation If PM resume fails (e.g., mana_attach() returns an error), mana_probe() calls mana_remove(), which tears down the device and sets gd->gdma_context = NULL and gd->driver_data = NULL. However, a failed resume callback does not automatically unbind the driver. When the device is eventually unbound, mana_remove() is invoked a second time. Without a NULL check, it dereferences gc->dev with gc == NULL, causing a kernel panic. Add an early return if gdma_context or driver_data is NULL so the second invocation is harmless. Move the dev = gc->dev assignment after the guard so it cannot dereference NULL.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-26 | Updated 2026-06-26 | Assigner Linux

Product status

Default status
unaffected

635096a86edb067d55a1e04b4a918f5c6dac0c51 (git) before a1ddfd2c0b7a48e5239fadd2a24cc4bc2cda90e6
affected

635096a86edb067d55a1e04b4a918f5c6dac0c51 (git) before bbe5c3c570645a4ceb120979d3ee203a1583d775
affected

635096a86edb067d55a1e04b4a918f5c6dac0c51 (git) before 50271d7ec95144d26808025b508f463780517d3c
affected

Default status
affected

5.16
affected

Any version before 5.16
unaffected

6.18.33 (semver)
unaffected

7.0.10 (semver)
unaffected

7.1 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/a1ddfd2c0b7a48e5239fadd2a24cc4bc2cda90e6

git.kernel.org/...c/bbe5c3c570645a4ceb120979d3ee203a1583d775

git.kernel.org/...c/50271d7ec95144d26808025b508f463780517d3c

cve.org (CVE-2026-53297)

nvd.nist.gov (CVE-2026-53297)

Download JSON