VDB

CVE-2026-53032

CVE-2026-53032 PUBLISHED

Reported by Linux · Published June 24, 2026

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in map_kptr_match_type for scalar regs Commit ab6c637ad027 ("bpf: Fix a bpf_kptr_xchg() issue with local kptr") refactored map_kptr_match_type() to branch on btf_is_kernel() before checking base_type(). A scalar register stored into a kptr slot has no btf, so the btf_is_kernel(reg->btf) call dereferences NULL. Move the base_type() != PTR_TO_BTF_ID guard before any reg->btf access.

EPSS 0.17% · 6.4th percentile

Risk Scores

EPSS Score
0.17%
6.4th percentile

Affected Products

VendorProductVersions
LinuxLinuxab6c637ad0276e42f8acabcbc64932a6d346dab3, ab6c637ad0276e42f8acabcbc64932a6d346dab3, ab6c637ad0276e42f8acabcbc64932a6d346dab3
LinuxLinux6.6, 0, 6.6.141
linuxlinux_kernel6.6, 6.6, 6.6
LinuxLinuxab6c637ad0276e42f8acabcbc64932a6d346dab3, ab6c637ad0276e42f8acabcbc64932a6d346dab3, ab6c637ad0276e42f8acabcbc64932a6d346dab3

Timeline

  • Jun 24, 2026 CVE Published
  • Jun 25, 2026 Coalition ESS Score
  • Jun 26, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›