{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-53176/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-28T06:39:50.888Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-53176","@id":"https://www.cve.org/CVERecord?id=CVE-2026-53176","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nIB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN\n\nIn drivers/infiniband/ulp/isert/ib_isert.c, isert_login_recv_done()\ncomputes the login request payload length as wc->byte_len minus\nISER_HEADERS_LEN with no lower bound, and login_req_len is a signed int.\nA remote iSER initiator can post a login Send work request carrying\nfewer than ISER_HEADERS_LEN (76) bytes, so the subtraction underflows\nand login_req_len becomes neg"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:3.10:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:3.10:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 1ca40b243277c9e88be5e00bd3e083f71aefb93e, 29e7b925ae6df64894e82ab6419994dc25580a8a, 5.10.259, 5.15.210, 6.1.176, 6.6.143, 6.12.94, 6.18.36, 7.0.13, 7.1, 75ee6e4aa096aa9e7b2dd5c8ff98356e30aceefb, bd22740d7f14cb1c0289444cfd2c8d2938667c1d, c1234229399f4af12c553b1b0ffd978eeba65548, c5584e089b5af7b3bf8bd5e8ca0560cbf32b0a47, df422fd273c96c2ee5beb80fc21adc8c70c29260, e8a013c0c3ca2f6708341a56612a3f6d6921620a.","timestamp":"2026-06-28T06:39:50.888Z"}]}