CVE-2026-53106
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not allow deleting local storage in NMI Currently, local storage may deadlock when deferring freeing selem or local storage through kfree_rcu(), call_rcu() or call_rcu_tasks_trace() in NMI or reentrant. Since deleting selem in NMI is an unlikely use case, partially mitigate it by returning error when calling from bpf_xxx_storage_delete() helpers in NMI. Note that, it is still possible to deadlock through reentrant. A full mitigation requires returning error when irqs_disabled() is true, which, however is too heavy-handed for bpf_xxx_storage_delete(). The long-term solution requires _nolock versions of call_rcu. Another possible solution is to defer the free through irq_work [0], but it would grow the size of selem, which is non-ideal. The check is only needed in bpf_selem_unlink(), which is used by helpers and syscalls. bpf_selem_unlink_nofail() is fine as it is called during map and owner tear down that never run in NMI or reentrant. [0] https://lore.kernel.org/bpf/[email protected]/
Affected versions
Linux kernel versions
5.13
and later are affected. Fixed in
7.0.10,
7.1
and their respective stable series.
References
2 totalFrequently asked questions
-
What is CVE-2026-53106?
CVE-2026-53106 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.13 onward and has been patched in 7.0.10 and 7.1. CVE-2026-53106 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
Is there a patch available for CVE-2026-53106?
Yes — CVE-2026-53106 has been patched. Fixed versions include 7.0.10 and 7.1. If you are running Linux kernel 5.13 or later up to the fix versions, apply the relevant patch for your kernel branch.
-
Is CVE-2026-53106 actively exploited?
No — CVE-2026-53106 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.