What is CVE-2026-53083?

CVE-2026-53083 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 5.5 onward and patched in 6.6.141, 6.12.91, 6.18.33 and others. CVE-2026-53083 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-53083?

CVE-2026-53083 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-53083?

Yes, CVE-2026-53083 has been patched. Fixed versions include 6.6.141, 6.12.91, 6.18.33 and others. If you are running Linux kernel 5.5 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-53083 actively exploited?

CVE-2026-53083 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-53083

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix RCU stall in bpf_fd_array_map_clear() Add a missing cond_resched() in bpf_fd_array_map_clear() loop. For PROG_ARRAY maps with many entries this loop calls prog_array_map_poke_run() per entry which can be expensive, and without yielding this can cause RCU stalls under load: rcu: Stack dump where RCU GP kthread last ran: CPU: 0 UID: 0 PID: 30932 Comm: kworker/0:2 Not tainted 6.14.0-13195-g967e8def1100 #2 PREEMPT(undef) Workqueue: events prog_array_map_clear_deferred RIP: 0010:write_comp_data+0x38/0x90 kernel/kcov.c:246 Call Trace: <TASK> prog_array_map_poke_run+0x77/0x380 kernel/bpf/arraymap.c:1096 __fd_array_map_delete_elem+0x197/0x310 kernel/bpf/arraymap.c:925 bpf_fd_array_map_clear kernel/bpf/arraymap.c:1000 [inline] prog_array_map_clear_deferred+0x119/0x1b0 kernel/bpf/arraymap.c:1141 process_one_work+0x898/0x19d0 kernel/workqueue.c:3238 process_scheduled_works kernel/workqueue.c:3319 [inline] worker_thread+0x770/0x10b0 kernel/workqueue.c:3400 kthread+0x465/0x880 kernel/kthread.c:464 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:153 ret_from_fork_asm+0x19/0x30 arch/x86/entry/entry_64.S:245 </TASK>

Package Linux Kernel

Published 2026-06-24

Last modified 2026-06-24

Patch available

Yes

Affected versions

Linux kernel versions 5.5 and later are affected. Fixed in 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1 and their respective stable series.

Affected from

≥ 5.5

Fixed in

✓ 6.6.141 6.6.x ✓ 6.12.91 6.12.x ✓ 6.18.33 6.18.x ✓ 7.0.10 7.0.x ✓ 7.1

References

5 total

Frequently asked questions

What is CVE-2026-53083?

CVE-2026-53083 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.5 onward and has been patched in 6.6.141, 6.12.91, 6.18.33 and others. CVE-2026-53083 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-53083?

Yes — CVE-2026-53083 has been patched. Fixed versions include 6.6.141, 6.12.91, 6.18.33 and others. If you are running Linux kernel 5.5 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-53083 actively exploited?

No — CVE-2026-53083 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.