Race condition in Linux kernel - CVE-2026-53070
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper synchronization in SCTP over UDP transmission handling in net/sctp/ipv6.c and net/sctp/protocol.c when transmitting SCTP packets over UDP. A local user can trigger SCTP over UDP traffic to cause a denial of service.
Exploitation requires SCTP over UDP to be enabled.