CVE-2026-53077 - Vulnerability Details

- net/rds: Restrict use of RDS/IB to the initial network namespace

Description

In the Linux kernel, the following vulnerability has been resolved:

net/rds: Restrict use of RDS/IB to the initial network namespace

Prevent using RDS/IB in network namespaces other than the initial one.
The existing RDS/IB code will not work properly in non-initial network
namespaces.

Published: 2026-06-24

Score: 7.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< 3e7f14cd5a51533404e1ae4809caab46073fb5c7
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< 3174fc703d081d2ca538b22fba734e3ad5b52322
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< c244b79adffad89a5173cf8bfaa06a6b40bbd09b
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< 07035306bf722f4676a1aee35cbeb3732c76194e
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< fb407343c0c16e94584707b2dfdd350a5f81b000
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< a7494479757d60d2413bfaa087f8431a26eea032
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< b6a54f5e9ce9b97ae641855378d71c5154a085c0
`d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638`	affected	< ebf71dd4aff46e8e421d455db3e231ba43d2fa8a

Linux

affected

Version	Status	Constraints
`4.3`	affected	—
`0`	unaffected	< 4.3
`5.10.258`	unaffected	≤ 5.10.*
`5.15.209`	unaffected	≤ 5.15.*
`6.1.175`	unaffected	≤ 6.1.*
`6.6.141`	unaffected	≤ 6.6.*
`6.12.91`	unaffected	≤ 6.12.*
`6.18.33`	unaffected	≤ 6.18.*
`7.0.10`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,3e7f14cd5a51533404e1ae4809caab46073fb5c7)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,3174fc703d081d2ca538b22fba734e3ad5b52322)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,c244b79adffad89a5173cf8bfaa06a6b40bbd09b)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,07035306bf722f4676a1aee35cbeb3732c76194e)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,fb407343c0c16e94584707b2dfdd350a5f81b000)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,a7494479757d60d2413bfaa087f8431a26eea032)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,b6a54f5e9ce9b97ae641855378d71c5154a085c0)`	affected	code_commit	—
`[d5a8ac28a7ff2f250d1bedbb6008dd2f6f6f1638,ebf71dd4aff46e8e421d455db3e231ba43d2fa8a)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`4.3`	affected	generic	—
`[0,4.3)`	unaffected	semver	—
`[5.10.258,5.11.0)`	unaffected	semver	—
`[5.15.209,5.16.0)`	unaffected	semver	—
`[6.1.175,6.2.0)`	unaffected	semver	—
`[6.6.141,6.7.0)`	unaffected	semver	—
`[6.12.91,6.13.0)`	unaffected	semver	—
`[7.0.10,7.1.0)`	unaffected	semver	—
`[7.1,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0012.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/07035306bf722f4676a1aee35cbeb3732c76194e
https://git.kernel.org/stable/c/3174fc703d081d2ca538b22fba734e3ad5b52322
https://git.kernel.org/stable/c/3e7f14cd5a51533404e1ae4809caab46073fb5c7
https://git.kernel.org/stable/c/a7494479757d60d2413bfaa087f8431a26eea032
https://git.kernel.org/stable/c/b6a54f5e9ce9b97ae641855378d71c5154a085c0
https://git.kernel.org/stable/c/c244b79adffad89a5173cf8bfaa06a6b40bbd09b
https://git.kernel.org/stable/c/ebf71dd4aff46e8e421d455db3e231ba43d2fa8a
https://git.kernel.org/stable/c/fb407343c0c16e94584707b2dfdd350a5f81b000
https://lore.kernel.org/linux-cve-announce/2026062406-CVE-2026-53077-a66c@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-53077
https://www.cve.org/CVERecord?id=CVE-2026-53077

History

Sun, 28 Jun 2026 08:00:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Sat, 27 Jun 2026 03:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-346 CWE-665

Sat, 27 Jun 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-280
References		https://lore.kernel.org/linux-cve-announce/2026062406-CVE-2026-53077-a66c@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-53077 https://www.cve.org/CVERecord?id=CVE-2026-53077
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 24 Jun 2026 22:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-346 CWE-665

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code will not work properly in non-initial network namespaces.
Title		net/rds: Restrict use of RDS/IB to the initial network namespace
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/07035306bf722f4676a1aee35cbeb3732c76194e https://git.kernel.org/stable/c/3174fc703d081d2ca538b22fba734e3ad5b52322 https://git.kernel.org/stable/c/3e7f14cd5a51533404e1ae4809caab46073fb5c7 https://git.kernel.org/stable/c/a7494479757d60d2413bfaa087f8431a26eea032 https://git.kernel.org/stable/c/b6a54f5e9ce9b97ae641855378d71c5154a085c0 https://git.kernel.org/stable/c/c244b79adffad89a5173cf8bfaa06a6b40bbd09b https://git.kernel.org/stable/c/ebf71dd4aff46e8e421d455db3e231ba43d2fa8a https://git.kernel.org/stable/c/fb407343c0c16e94584707b2dfdd350a5f81b000

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:30:17.972Z

Updated: 2026-06-28T06:39:02.828Z

Reserved: 2026-06-09T07:44:35.383Z

Link: CVE-2026-53077

Vulnrichment

No data.

NVD

No data.

Redhat

Severity : Moderate

Publid Date: 2026-06-24T00:00:00Z

Links: CVE-2026-53077 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-28T13:45:06Z

Weaknesses

CWE-280

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object