In the Linux kernel, the following vulnerability has been resolved:

net: mana: Use pci_name() for debugfs directory naming

Use pci_name(pdev) for the per-device debugfs directory instead of
hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs. The
previous approach had two issues:

1. pci_slot_name() dereferences pdev->slot, which can be NULL for VFs
in environments like generic VFIO passthrough or nested KVM,
causing a NULL pointer dereference.

2. Multiple PFs would all use "0", and VFs across different PCI
domains or buses could share the same slot name, leading to
-EEXIST errors from debugfs_create_dir().

pci_name(pdev) returns the unique BDF address, is always valid, and is
unique across the system.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
6607c17c6c5e029da03a90085db22daf518232bf affected < 34dbd7b819544c99c9d96b400fe4db613f40ac4b
6607c17c6c5e029da03a90085db22daf518232bf affected < 9211eb97e8f8c28bf9313ab97862d143dbbbef97
6607c17c6c5e029da03a90085db22daf518232bf affected < c116f07ab9d22bb6f355f3cf9e44c1e6a47fe559
Linux Linux affected
Version Status Constraints
6.13 affected
0 unaffected < 6.13
6.18.33 unaffected ≤ 6.18.*
7.0.10 unaffected ≤ 7.0.*
7.1 unaffected ≤ *

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/34dbd7b819544c99c9d96b400fe4db613f40ac4b cve-icon
https://git.kernel.org/stable/c/9211eb97e8f8c28bf9313ab97862d143dbbbef97 cve-icon
https://git.kernel.org/stable/c/c116f07ab9d22bb6f355f3cf9e44c1e6a47fe559 cve-icon
History

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pci_name() for debugfs directory naming Use pci_name(pdev) for the per-device debugfs directory instead of hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs. The previous approach had two issues: 1. pci_slot_name() dereferences pdev->slot, which can be NULL for VFs in environments like generic VFIO passthrough or nested KVM, causing a NULL pointer dereference. 2. Multiple PFs would all use "0", and VFs across different PCI domains or buses could share the same slot name, leading to -EEXIST errors from debugfs_create_dir(). pci_name(pdev) returns the unique BDF address, is always valid, and is unique across the system.
Title net: mana: Use pci_name() for debugfs directory naming
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:41:14.708Z

Reserved: 2026-06-09T07:44:35.398Z

Link: CVE-2026-53324

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.