Vulnerability in the Linux Kernel Affects Kexec Functionality
CVE-2026-53282
What is CVE-2026-53282?
A vulnerability has been identified in the Linux kernel's kexec functionality. It stems from incorrect handling of the stack during the kexec process. Specifically, the purgatory code included in kexec-tools attempts to retrieve a return address for a kjump from the stack even when kjump is not in use. When the expected address is absent from the stack, this read can fault and trigger a crash. Recent commits aimed to address this by stopping the unnecessary pushing of the return address in non-kjump scenarios, but the push has to be reinstated to avoid destabilizing purgatory. Users are advised to update their systems to the latest kernel versions where this issue has been resolved.
Affected Version(s)
Linux 2cacf7f23a024ab1fdc603ca6a4f4c8b2de9f64e
Linux 2cacf7f23a024ab1fdc603ca6a4f4c8b2de9f64e < 7dba9631faa2ee0785e8c2bf0e3d90a05f26dd8c
Linux 2cacf7f23a024ab1fdc603ca6a4f4c8b2de9f64e < 786a45757dcdf8f2beb9d4a6db605db16c18b2b4
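To check a kernel git tree against the commit ids listed above, the following added example (not part of the advisory or of the kernel project) classifies a ref by commit ancestry. The function names are hypothetical, and it assumes a git clone whose history contains the listed commits.

```shell
#!/bin/sh
# Added example: classify a kernel git ref against the commit ids listed
# under "Affected Version(s)". Assumption: REPO is a git clone of the
# kernel whose history contains those commits.

INTRODUCED=2cacf7f23a024ab1fdc603ca6a4f4c8b2de9f64e
FIXES="7dba9631faa2ee0785e8c2bf0e3d90a05f26dd8c 786a45757dcdf8f2beb9d4a6db605db16c18b2b4"

# is_ancestor REPO COMMIT REF: succeeds if COMMIT is in REF's history.
is_ancestor() {
    git -C "$1" merge-base --is-ancestor "$2" "$3" 2>/dev/null
}

# kexec_fix_status REPO [REF] prints one of:
#   not-affected  REF does not contain the introducing commit
#   fixed         REF contains the introducing commit and a listed fix
#   affected      REF contains the introducing commit and no listed fix
#   unknown       REF or the introducing commit is missing from the clone
kexec_fix_status() {
    repo=$1
    ref=${2:-HEAD}
    for c in "$ref" "$INTRODUCED"; do
        git -C "$repo" rev-parse --verify --quiet "$c^{commit}" \
            >/dev/null 2>&1 || { echo unknown; return 2; }
    done
    if ! is_ancestor "$repo" "$INTRODUCED" "$ref"; then
        echo not-affected
        return 0
    fi
    for fix in $FIXES; do
        # A fix id absent from this clone counts as "not contained".
        if is_ancestor "$repo" "$fix" "$ref"; then
            echo fixed
            return 0
        fi
    done
    echo affected
    return 1
}

# Usage: sh check.sh /path/to/linux [ref]
if [ "$#" -ge 1 ]; then
    kexec_fix_status "$@"
fi
```

Vendor kernels that backport the change under a different commit id will not match by ancestry, so for those trees rely on the vendor's own advisory.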