What is CVE-2026-53047?

CVE-2026-53047 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 4.14.13 onward and patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-53047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-53047?

CVE-2026-53047 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-53047?

Yes, CVE-2026-53047 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.14.13 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-53047 actively exploited?

CVE-2026-53047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-53047

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc() call for cap_info->phys in __efi_capsule_setup_info() uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t), which might be causing an undersized allocation. The allocation is also inconsistent with the initial array allocation in efi_capsule_open() that allocates one entry with sizeof(phys_addr_t), and the efi_capsule_write() function that stores phys_addr_t values (not pointers) via page_to_phys(). On 64-bit systems where sizeof(phys_addr_t) == sizeof(phys_addr_t *), this goes unnoticed. On 32-bit systems with PAE where phys_addr_t is 64-bit but pointers are 32-bit, this allocates half the required space, which might lead to a heap buffer overflow when storing physical addresses. This is similar to the bug fixed in commit fccfa646ef36 ("efi/capsule-loader: fix incorrect allocation size") which fixed the same issue at the initial allocation site.

Package Linux Kernel

Published 2026-06-24

Last modified 2026-06-24

Patch available

Yes

Affected versions

Linux kernel versions 4.14.13, 4.15 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.

Affected from

≥ 4.14.13 ≥ 4.15

Fixed in

✓ 5.10.258 5.10.x ✓ 5.15.209 5.15.x ✓ 6.1.175 6.1.x ✓ 6.6.141 6.6.x ✓ 6.12.91 6.12.x ✓ 6.18.33 6.18.x ✓ 7.0.10 7.0.x ✓ 7.1

References

8 total

Showing 5 of 8 references View all on NVD

Frequently asked questions

What is CVE-2026-53047?

CVE-2026-53047 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 4.14.13 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-53047 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-53047?

Yes — CVE-2026-53047 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.14.13 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-53047 actively exploited?

No — CVE-2026-53047 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.