CVE-2026-53042
In CVE-2026-53042, the Linux kernel vulnerability stems from an initialization order: CXL is linked before fwctl in drivers/Makefile, causing fwctl_register to run before fwctl_init, so fwctl_class isn’t registered when device_add is called. This makes class_to_subsys() return NULL, skipping knod...