CVE-2026-53196

Severity: MEDIUM

Published: June 25, 2026 · Updated: Jul 1, 2026

CVSS v3.1 base score: 6.8
EPSS: 0.20% probability of exploitation in 30 days (percentile: 10.4th)

Official Description

In the Linux kernel, the following vulnerability has been resolved:

USB: serial: io_ti: fix heap overflow in get_manuf_info()

get_manuf_info() reads le16_to_cpu(rom_desc->Size) bytes from the device I2C EEPROM into a buffer allocated with kmalloc_obj(), which is sizeof(struct edge_ti_manuf_descriptor) = 10 bytes.

The Size field comes from the device and is only validated (in check_i2c_image()) to make sure the descriptor fits within TI_MAX_I2C_SIZE (16384 bytes), not against the destination buffer size. A malicious USB device can therefore set Size to any value up to 16377, causing a heap overflow of up to 16367 bytes when plugged into a host running this driver.

valid_csum() is called after read_rom() and also iterates buffer[0..Size-1], compounding the out-of-bounds access.

Fix by rejecting descriptors with unexpected length before calling read_rom().

[ johan: amend commit message; also check for short descriptors ]
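The following is an added illustration, not the kernel's code or the actual patch: it models the trust boundary the description identifies. A device-supplied Size field is checked only against the image limit TI_MAX_I2C_SIZE before the fix, and against the exact destination size afterwards. The descriptor layouts, the in-memory stand-in for read_rom() and the sample EEPROM images are constructed for this example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define TI_MAX_I2C_SIZE 16384 /* EEPROM image limit quoted in the description */

/* 10-byte manufacturing descriptor; field layout assumed for this example. */
struct edge_ti_manuf_descriptor {
	uint8_t IonConfig, IonConfig2, Version, CpuRev_BoardRev, NumPorts;
	uint8_t NumVirtualPorts, HubConfig1, HubConfig2, TotalPorts, Reserved;
};
/* On-device descriptor header (assumed: type, little-endian size, checksum). */
struct ti_i2c_desc { uint8_t Type; uint8_t Size[2]; uint8_t CheckSum; };
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
/* Stand-in for read_rom(): copies len bytes into dst and trusts dst to be large enough. */
static int read_rom(const uint8_t *rom, size_t rom_len, size_t off, size_t len, void *dst)
{
	if (off + len > rom_len)
		return -EIO;
	memcpy(dst, rom + off, len);
	return 0;
}

/* The only pre-fix check (check_i2c_image): the descriptor fits the image.
 * Size = 16377 passes it even though the destination holds 10 bytes. */
int old_check_accepts(const uint8_t *rom, size_t rom_len)
{
	struct ti_i2c_desc hdr;
	return !read_rom(rom, rom_len, 0, sizeof(hdr), &hdr) &&
	       sizeof(hdr) + le16(hdr.Size) <= TI_MAX_I2C_SIZE;
}

/* Hardened get_manuf_info(): a Size other than sizeof(*out), long or short,
 * is rejected before any payload byte is read into out. */
int get_manuf_info_checked(const uint8_t *rom, size_t rom_len,
			   struct edge_ti_manuf_descriptor *out)
{
	struct ti_i2c_desc hdr;
	if (read_rom(rom, rom_len, 0, sizeof(hdr), &hdr)) return -EIO;
	if (le16(hdr.Size) != sizeof(*out)) return -EINVAL;
	return read_rom(rom, rom_len, sizeof(hdr), sizeof(*out), out);
}

/* NumPorts from a valid image, or -errno if the descriptor is rejected. */
int num_ports_from(const uint8_t *rom, size_t rom_len)
{
	struct edge_ti_manuf_descriptor m = {0};
	int ret = get_manuf_info_checked(rom, rom_len, &m);
	return ret ? ret : m.NumPorts;
}
/* Constructed images: benign (Size 10), oversized (Size 0x3FF9 = 16377), short (Size 4). */
const uint8_t good_rom[]  = { 0x02, 10, 0, 0xAA, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
const uint8_t big_rom[]   = { 0x02, 0xF9, 0x3F, 0xAA };
const uint8_t short_rom[] = { 0x02, 4, 0, 0xAA, 1, 2, 3, 4 };
```

The oversized image passes old_check_accepts() yet is refused by get_manuf_info_checked(), which is the gap the fix closes; the short image shows why the exact-length comparison matters in both directions.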

NVD Source

Technical Analysis

CVE-2026-53196 requires local access, meaning attackers must already have a foothold on the target system.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

A successful exploit results in a complete confidentiality breach (data exposure), full integrity compromise (data manipulation) and availability disruption (denial of service), with a CVSS base score of 6.8.

CVSS v3.1 Vector Breakdown

Exploitability
Attack Vector: Physical
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Impact
Confidentiality: High
Integrity: High
Availability: High

Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

No known exploit: no public exploit confirmed at this time.

All References (11)

Quick Facts

CVE ID: CVE-2026-53196
CVSS Score: 6.8 / 10
Severity: MEDIUM
CISA KEV: No
EPSS (30d): 0.20%
Published: Jun 25, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-53196 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.