{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-53332","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-06-09T07:44:35.398Z","datePublished":"2026-07-01T13:32:16.289Z","dateUpdated":"2026-07-04T11:51:07.922Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-07-04T11:51:07.922Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd\n\nWhen the remoteproc starts in parallel with the NGD driver being probed,\nor the remoteproc is already up when the PDR lookup is being registered,\nor in the theoretical event that we get an interrupt from the hardware,\nthese callbacks will operate on uninitialized data. This result in\nissues to boot the affected boards.\n\nOne such example can be seen in the following fault, where\nqcom_slim_ngd_ssr_pdr_notify() schedules work on the NULL ngd_up_work.\n\n[   21.858578] ------------[ cut here ]------------\n[   21.858745] WARNING: kernel/workqueue.c:2338 at __queue_work+0x5e0/0x790, CPU#2: kworker/2:2/116\n...\n[   21.859251] Call trace:\n[   21.859255]  __queue_work+0x5e0/0x790 (P)\n[   21.859265]  queue_work_on+0x6c/0xf0\n[   21.859273]  qcom_slim_ngd_ssr_pdr_notify+0x110/0x150 [slim_qcom_ngd_ctrl]\n[   21.859304]  qcom_slim_ngd_ssr_notify+0x24/0x40 [slim_qcom_ngd_ctrl]\n[   21.859318]  notifier_call_chain+0xa4/0x230\n[   21.859329]  srcu_notifier_call_chain+0x64/0xb8\n[   21.859338]  ssr_notify_start+0x40/0x78 [qcom_common]\n[   21.859355]  rproc_start+0x130/0x230\n[   21.859367]  rproc_boot+0x3d4/0x518\n...\n\nMove the enablement of interrupts, and the registration of SSR and PDR\nuntil after the NGD device has been registered.\n\nThis could be further refined by moving initialization to the control\ndriver probe and by removing the platform driver model from the picture."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/slimbus/qcom-ngd-ctrl.c"],"versions":[{"version":"917809e2280bb83994be8b642373fd941d40c407","lessThan":"946b97d632f0f58a705dafac644c1e9346e01f35","status":"affected","versionType":"git"},{"version":"917809e2280bb83994be8b642373fd941d40c407","lessThan":"fa3790c7ea98328ddc3f7d8bf40247556245a6fc","status":"affected","versionType":"git"},{"version":"917809e2280bb83994be8b642373fd941d40c407","lessThan":"24ec89123fc9d0d24ce719dcf7fd6c57e5b0d753","status":"affected","versionType":"git"},{"version":"917809e2280bb83994be8b642373fd941d40c407","lessThan":"08564e15c47a5fb0af6643a43ee15521d49bcdea","status":"affected","versionType":"git"},{"version":"917809e2280bb83994be8b642373fd941d40c407","lessThan":"2a9d50e9ea406e0c8735938484adc20515ef1b47","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/slimbus/qcom-ngd-ctrl.c"],"versions":[{"version":"4.19","status":"affected"},{"version":"0","lessThan":"4.19","status":"unaffected","versionType":"semver"},{"version":"5.10.260","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"5.10.260"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.12.94"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.18.36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"7.0.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/946b97d632f0f58a705dafac644c1e9346e01f35"},{"url":"https://git.kernel.org/stable/c/fa3790c7ea98328ddc3f7d8bf40247556245a6fc"},{"url":"https://git.kernel.org/stable/c/24ec89123fc9d0d24ce719dcf7fd6c57e5b0d753"},{"url":"https://git.kernel.org/stable/c/08564e15c47a5fb0af6643a43ee15521d49bcdea"},{"url":"https://git.kernel.org/stable/c/2a9d50e9ea406e0c8735938484adc20515ef1b47"}],"title":"slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd","x_generator":{"engine":"bippy-1.2.0"}}}}