Linux Kernel Vulnerability in PPP Administration Commands
CVE-2026-53075

8.8HIGH

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
24 June 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-53075?

A vulnerability has been identified in the Linux kernel that allows an unprivileged local user to exploit the Point-to-Point Protocol (PPP) by manipulating network namespaces. Specifically, the vulnerability arises when a user can gain CAP_NET_ADMIN privileges in a new user namespace, and subsequently issue certain administrative ioctls while targeting an inherited network namespace. The issue occurs because the /dev/ppp authorization is based on the context of the user namespace, permitting unintended command execution within the network namespace. This vulnerability poses a risk of privilege escalation, which could compromise the security of network operations.

Affected Version(s)

Linux 273ec51dd7ceaa76e038875d85061ec856d8905e

Linux 273ec51dd7ceaa76e038875d85061ec856d8905e < 5080e188c914110034bbc569d5cfa2f06204681d

Linux 273ec51dd7ceaa76e038875d85061ec856d8905e < 67e901e28d177ac9a9bed76d69ce3471e704a89e

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.