{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-53186/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-28T06:40:01.569Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-53186","@id":"https://www.cve.org/CVERecord?id=CVE-2026-53186","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: bound SRP_RSP sense copy by the received length\n\nsrp_process_rsp() copies sense data from rsp->data + resp_data_len,\nwhere resp_data_len is the full 32-bit value supplied by the SRP target\nand is never checked against the number of bytes actually received\n(wc->byte_len). The copy length is bounded to SCSI_SENSE_BUFFERSIZE, so\nat most 96 bytes are copied, but the source offset is not bounded.\n\nA malicious or compromise"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:2.6.15:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:2.6.15:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 0b9ee09d5e849591f17d98c078033dadea967293, 0d64bc200ebe4f275b27438c6e593903e0b16fe1, 13e91fd076306f5d0cdfa14f53d69e37274723c4, 2015038195939eac54a1ee83c9d98ef1a8ccbbce, 3523e53ff95f1837ec3f57ff7558532bcb2661b7, 3889517c2ec7f364914aea8209abfff735f7ecde, 5.10.259, 5.15.210, 6.1.176, 6.6.143, 6.12.94, 6.18.36, 7.0.13, 7.1, ed77cc819ad631264787cade5ae5ec4c535ec6bb, f92a285db7ff6e598591ccbfb551be155c5f4d57.","timestamp":"2026-06-28T06:40:01.569Z"}]}