Race Condition in Linux Kernel Affecting Multi-threaded Processes
CVE-2026-53352
What is CVE-2026-53352?
This vulnerability manifests as a race condition in the Linux kernel's handling of multi-threaded processes. When a stop signal is sent to a process, the kernel sets flags to manage the process's thread group. However, if one thread within the group initiates an execve() call simultaneously, it triggers a situation where the job control flags for the calling thread are not cleared correctly. This discrepancy leads to the potential for errors, such as attempts to decrement already-zero counters, which can result in warnings in the kernel logs. The issue has been resolved by ensuring that job control flags are appropriately cleared for all threads in the group, thereby preventing any stale state from persisting after the thread group is terminated.
Affected Version(s)
Linux 39efa3ef3a376a4e53de2f82fc91182459d34200 < 2b32b2fb241435145ea199efac024540759d2495
Linux 39efa3ef3a376a4e53de2f82fc91182459d34200 < 391ebe74456a0f1d60b3ba4a8a64d9f44c1728fe
Linux 39efa3ef3a376a4e53de2f82fc91182459d34200