CVE-2026-53081

Severity: HIGH
Published: June 24, 2026 · Updated: Jun 30, 2026

CVSS v3.1: 7.8
EPSS: 0.16% probability of exploitation in 30 days (percentile: 5.1th)

Official Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: Enforce regsafe base id consistency for BPF_ADD_CONST scalars

When regsafe() compares two scalar registers that both carry BPF_ADD_CONST, check_scalar_ids() maps their full compound id (aka base | BPF_ADD_CONST flag) as one idmap entry. However, it never verifies that the underlying base ids, that is, with the flag stripped, are consistent with existing idmap mappings.

This allows construction of two verifier states where the old state has R3 = R2 + 10 (both sharing base id A) while the current state has R3 = R4 + 10 (base id C, unrelated to R2). The idmap creates two independent entries: A->B (for R2) and A|flag->C|flag (for R3), without catching that A->C conflicts with A->B. State pruning then incorrectly succeeds.

Fix this by additionally verifying base ID mapping consistency whenever BPF_ADD_CONST is set: after mapping the compound ids, also invoke check_ids() on the base IDs (flag bits stripped). This ensures that if A was already mapped to B from comparing the source register, any ADD_CONST derivative must also derive from B, not an unrelated C.

NVD Source
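
The idmap conflict described above, as a simplified user-space model added here (not kernel code and not taken from the patch). `struct idmap`, `scalar_ids_safe()`, `states_equivalent()` and the `ADD_CONST_FLAG` bit value are assumptions for illustration; ids 1, 2 and 3 stand for A, B and C.

```c
/* Simplified model of the verifier idmap comparison; constructed example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ADD_CONST_FLAG (1u << 31) /* assumed stand-in for the BPF_ADD_CONST bit */
#define IDMAP_SIZE 8
struct idmap { uint32_t old_id[IDMAP_SIZE], cur_id[IDMAP_SIZE]; };

/* Record old_id -> cur_id, or fail if either id is already paired differently. */
static bool check_ids(struct idmap *m, uint32_t old_id, uint32_t cur_id)
{
    for (int i = 0; i < IDMAP_SIZE; i++) {
        if (!m->old_id[i]) {               /* free slot: record the new pair */
            m->old_id[i] = old_id;
            m->cur_id[i] = cur_id;
            return true;
        }
        if (m->old_id[i] == old_id)
            return m->cur_id[i] == cur_id;
        if (m->cur_id[i] == cur_id)
            return false;
    }
    return false;                          /* map full: treat as not equivalent */
}

/* with_fix adds the base-id consistency check the description calls for. */
static bool scalar_ids_safe(struct idmap *m, uint32_t old_id, uint32_t cur_id, bool with_fix)
{
    if (!check_ids(m, old_id, cur_id))     /* compound ids, flag included */
        return false;
    if (with_fix && (old_id & ADD_CONST_FLAG) && (cur_id & ADD_CONST_FLAG))
        return check_ids(m, old_id & ~ADD_CONST_FLAG, cur_id & ~ADD_CONST_FLAG);
    return true;
}

/* Old state: R2 id A, R3 id A|flag. Current state: R2 id B, R3 id r3_base|flag. */
static bool states_equivalent(uint32_t r3_base, bool with_fix)
{
    enum { A = 1, B = 2 };
    struct idmap m = {{0}, {0}};
    return scalar_ids_safe(&m, A, B, with_fix) &&
           scalar_ids_safe(&m, A | ADD_CONST_FLAG, r3_base | ADD_CONST_FLAG, with_fix);
}

int main(void)
{
    printf("R3 from unrelated C: unfixed=%d fixed=%d\n", states_equivalent(3, false), states_equivalent(3, true));
    printf("R3 from matching B:  unfixed=%d fixed=%d\n", states_equivalent(2, false), states_equivalent(2, true));
    return 0;
}
```

Without the base-id check the model accepts the unrelated-base state as equivalent; with it, only the state whose R3 derives from B passes.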

Technical Analysis

CVE-2026-53081 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A successful exploit results in a complete confidentiality breach (data exposure), full integrity compromise (data manipulation), and availability disruption (denial of service), giving a CVSS base score of 7.8.

CVSS v3.1 Vector Breakdown

Exploitability
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged

Impact
  • Confidentiality: High
  • Integrity: High
  • Availability: High

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

No known exploit: no public exploit confirmed at this time.

Quick Facts

  • CVE ID: CVE-2026-53081
  • CVSS Score: 7.8 / 10
  • Severity: HIGH
  • CISA KEV: No
  • EPSS (30d): 0.16%
  • Published: Jun 24, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-53081 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.