Linux Kernel Vulnerability in BPF Storage Cloning Mechanism
CVE-2026-52938

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 June 2026

What is CVE-2026-52938?

A vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) storage mechanism can lead to a NULL pointer dereference during concurrent operations. This issue arises when the bpf_selem_unlink_nofail() function sets the smap attribute of a selem to NULL before its removal, allowing a simultaneous RCU (Read-Copy-Update) reader in bpf_sk_storage_clone() to access a now-invalid memory location. This can lead to a general protection fault and possible system instability. The resolution includes adding a NULL check for the smap attribute to prevent such dereferencing errors in affected code paths.

Affected Version(s)

Linux 5d800f87d0a5ea1b156c47a4b9fd128479335153 < 375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7

Linux 7.0

References

https://git.kernel.org/stable/c/375e4e33c18dfa05c5dfd5f3d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-52938 Data

JSON