Improper locking in Linux kernel - CVE-2026-53106
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of local storage deletion in bpf local storage helpers when deleting local storage from an nmi context. A local user can trigger bpf_xxx_storage_delete() helpers to cause a denial of service.
The issue affects helper and syscall paths that reach bpf_selem_unlink().