Resource exhaustion in Linux kernel - CVE-2026-53083
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper control of resource consumption in bpf_fd_array_map_clear() in the BPF array map implementation when clearing PROG_ARRAY maps with many entries. A local user can trigger map clearing operations to cause a denial of service.
The issue can lead to RCU stalls under load.
How to mitigate CVE-2026-53083
Sources
- https://git.kernel.org/stable/c/4406942e65ca128c56c67443832988873c21d2e9
- https://git.kernel.org/stable/c/67bdb4b0d26f2d6bbf1798a925ef5a3b9ed7357a
- https://git.kernel.org/stable/c/71ddb7defc442ab38c53123c384fedbfd8410a15
- https://git.kernel.org/stable/c/b1f7158a86f3cbac4d5a32beb55ca0f8027d44cd
- https://git.kernel.org/stable/c/e1ed678855e315f90c70c1723e94157a9a82e660