CVE & CISA-KEV Catalog

CVE-2026-53152

UNSCORED

Description

In the Linux kernel, the following vulnerability has been resolved: mmc: dw_mmc-rockchip: Add missing private data for very old controllers The really old controllers (rk2928, rk3066, rk3188) do not support UHS speeds at all, and thus never handled phase data. For that reason it never had a parse_dt callback and no driver private data at all. Commit ff6f0286c896 ("mmc: dw_mmc-rockchip: Add memory clock auto-gating support") makes the private data sort of mandatory, because the init function checks whether phases are configured internally or through the clock controller. This results in the old SoCs then experiencing NULL-pointer dereferences when they try to access that private-data struct. While we could have if (priv) conditionals in all places, it's way less cluttery to just give the old types their private-data struct.

How to fix

Remediation Available
linuxDebian
Fixed in:6.12.94-1CVE-2026-53152
Fixed in:7.0.13-1CVE-2026-53152

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3.1 Vector

No CVSS vector data available.

Exploit Intelligence

0.17%probability of exploitation in 30 days
6thpercentile

Low risk: more likely to be exploited than 6% of all known CVEs.

References

Embed a live status badge for CVE-2026-53152
CVE-2026-53152 severity badge

Markdown

[![CVE-2026-53152](https://tridentstack.com/cve/badge/CVE-2026-53152.svg)](https://tridentstack.com/cve/CVE-2026-53152)

HTML

<a href="https://tridentstack.com/cve/CVE-2026-53152"><img src="https://tridentstack.com/cve/badge/CVE-2026-53152.svg" alt="CVE-2026-53152"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-30.