Improper access control in Linux kernel - CVE-2026-53200
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to bypass execute permission restrictions.
The vulnerability exists due to improper access control in KVM arm64 nested virtualization translation handling when processing XN bits on systems without FEAT_XNX. A local user can manipulate a nested translation state to bypass execute permission restrictions.
The issue occurs because XN[0] is handled incorrectly when FEAT_XNX is not supported, which can result in execute permissions being granted unconditionally.