Linux Kernel Callback Vulnerability Affecting Hotplug Functionality
CVE-2026-53314

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 June 2026

What is CVE-2026-53314?

A significant vulnerability has been identified in the Linux Kernel involving the padata CPU offline callback. This issue arose when the kernel attempted to transition a CPU to an offline state without allowing for potential failure, particularly during the critical hotplug operation. The failure was traced to an error returned by the padata_cpu_dead function, leading to warnings that could impact the system's stability. To prevent such failures in the future, the callback mechanism has been revised to ensure that failures can be gracefully managed during the ONLINE phase. This correction is vital for maintaining the stability and reliability of systems leveraging dynamic CPU management.

Affected Version(s)

Linux 894c9ef9780c5cf2f143415e867ee39a33ecb75d < 65dae8b34f0810f3fa9f77c4c63650cd20820693

Linux 894c9ef9780c5cf2f143415e867ee39a33ecb75d

Linux 894c9ef9780c5cf2f143415e867ee39a33ecb75d < 3e6c08dd97dcd22a00aee469e0adfa819071d80e

References

https://git.kernel.org/stable/c/65dae8b34f0810f3fa9f77c4c...

https://git.kernel.org/stable/c/a6d44f477000c6352de6b05e9...

https://git.kernel.org/stable/c/3e6c08dd97dcd22a00aee469e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53314 Data

JSON