CVE-2026-53003
In the Linux kernel, the following vulnerability has been resolved:

pppoe: drop PFC frames

RFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an uncompressed (2-byte) protocol field.

However, the generic PPP layer function ppp_input() is not aware of the negotiation result, and still accepts PFC frames. If a peer with a broken implementation or an attacker sends a frame with a compressed (1-byte) protocol field, the subsequent PPP payload is shifted by one byte. This causes the network header to be 4-byte misaligned, which may trigger unaligned access exceptions on some architectures.

To reduce the attack surface, drop PPPoE PFC frames. Introduce ppp_skb_is_compressed_proto() helper function to be used in both ppp_generic.c and pppoe.c to avoid open-coding.
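The check described above, as an added userspace example in C (not the kernel's code and not the helper the patch introduces): it validates a PPPoE session frame and flags a compressed protocol field, using the RFC 1661 rule that an odd first octet marks a 1-byte field. The function names, constants and sample frames are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

enum verdict { FRAME_OK, FRAME_MALFORMED, FRAME_DROP_PFC };
enum { ETH_HDR = 14, PPPOE_HDR = 6, ETHERTYPE_PPPOE_SESSION = 0x8864 };

/* Constructed sample frames: zeroed MACs, session id 1, truncated IPv4 payload. */
static const uint8_t frame_plain[] = {
    0,0,0,0,0,0, 0,0,0,0,0,0, 0x88,0x64,   /* Ethernet header          */
    0x11,0x00, 0x00,0x01, 0x00,0x06,       /* PPPoE: ver/type,code,sid,len */
    0x00,0x21, 0x45,0x00,0x00,0x14 };      /* 2-byte proto (IPv4) + payload */
static const uint8_t frame_pfc[] = {
    0,0,0,0,0,0, 0,0,0,0,0,0, 0x88,0x64,
    0x11,0x00, 0x00,0x01, 0x00,0x05,
    0x21, 0x45,0x00,0x00,0x14 };           /* 1-byte (compressed) proto */

/* RFC 1661: the first octet of a 2-byte protocol field has LSB 0, so an
 * odd first octet means the field was compressed to a single byte. */
static int proto_is_compressed(const uint8_t *ppp)
{
    return ppp[0] & 0x01;
}

/* Classify one Ethernet frame carrying a PPPoE session packet. On FRAME_OK
 * or FRAME_DROP_PFC, *payload_off is the PPP payload offset in the frame. */
enum verdict classify_pppoe_frame(const uint8_t *f, size_t len, size_t *payload_off)
{
    if (len < ETH_HDR + PPPOE_HDR + 1 ||
        ((f[12] << 8) | f[13]) != ETHERTYPE_PPPOE_SESSION)
        return FRAME_MALFORMED;
    const uint8_t *ph = f + ETH_HDR, *ppp = ph + PPPOE_HDR;
    if (ph[0] != 0x11 || ph[1] != 0x00)   /* ver=1, type=1, code=session data */
        return FRAME_MALFORMED;
    size_t plen = ((size_t)ph[4] << 8) | ph[5];
    if (plen < 1 || plen > len - ETH_HDR - PPPOE_HDR)
        return FRAME_MALFORMED;
    if (proto_is_compressed(ppp)) {       /* payload lands one byte early */
        *payload_off = ETH_HDR + PPPOE_HDR + 1;
        return FRAME_DROP_PFC;
    }
    if (plen < 2)
        return FRAME_MALFORMED;
    *payload_off = ETH_HDR + PPPOE_HDR + 2;
    return FRAME_OK;
}

int main(void) { size_t off; return classify_pppoe_frame(frame_pfc, sizeof frame_pfc, &off) != FRAME_DROP_PFC; }
```

The two sample frames differ only in the protocol field width, and the reported payload offset moves from 22 to 21, which is the one-byte shift the description refers to.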
Affected versions
Linux kernel versions 5.0 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.
Frequently asked questions
- What is CVE-2026-53003?
  CVE-2026-53003 is a Linux kernel vulnerability with no severity score assigned. It affects Linux kernel versions from 5.0 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-53003 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- Is there a patch available for CVE-2026-53003?
  Yes, CVE-2026-53003 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 5.0 or later and have not yet reached the fixed version for your branch, apply the relevant patch for your kernel branch.
- Is CVE-2026-53003 actively exploited?
  No, CVE-2026-53003 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.