Improper access control in Linux kernel - CVE-2026-53236
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to improper access control in SO_ATTACH_FILTER on TCP sockets when attaching a cBPF filter. A local user can attach a filter to leak TCP sequence and acknowledgment numbers to disclose sensitive information.
Exploitation requires access to create or control a TCP socket and use the socket option interface.
How to mitigate CVE-2026-53236
Sources
- https://git.kernel.org/stable/c/3747de241a66ef2c7032d2cc2b826a47c5fa0f6a
- https://git.kernel.org/stable/c/5d39580f68e6ddeedd15e587282207489dfb3da2
- https://git.kernel.org/stable/c/82b3e7ce10c53fc12aab8904745603efc74f8c07
- https://git.kernel.org/stable/c/c68517a3e18e20997808821c5559d0cba4d776c1
- https://git.kernel.org/stable/c/ecfe9171b26ae3eed0cd8bab7a943e9e2c9e51ba
- https://git.kernel.org/stable/c/ede69b8f6670600e534591664584f810d7c385f9