Linux Kernel Vulnerability in rseq Handling
CVE-2026-53243

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-53243?

A vulnerability exists in the Linux kernel related to improper initialization of stack variables in the rseq_exit_user_update function. This issue arises because the initialization of the variable ids.node_id relies on the evaluation of another variable before it has been properly set, leading to potential kernel information leak issues. This flaw can impact system integrity and security by exposing sensitive memory contents, as the evaluation order in initializer lists is not guaranteed; therefore, the fix involved rearranging the assignments to ensure proper variable initialization.

Affected Version(s)

Linux d242126fd21ab8f1631fdbc8589e43a9d4229f3b

Linux 82f572449cfe75f12ea985986da60e11f308f77d < 6d99479799c69c3cb588fcda19c81d8f61d64ecd

Linux 7.0.10 < 7.0.13

References

https://git.kernel.org/stable/c/e12d20a63b61aaf9de4772eff...

https://git.kernel.org/stable/c/6d99479799c69c3cb588fcda1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53243 Data

JSON