HOMEVULNERABILITIESCVE-2026-53353
NONE

CVE-2026-53353

Published: July 1, 2026· Updated: Jul 1, 2026

EPSS:0.16%probability of exploitation in 30 daysPercentile:5.2th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

hsr: Remove WARN_ONCE() in hsr_addr_is_self().

syzbot reported the warning [0] in hsr_addr_is_self(),

whose assumption is simply wrong.

hsr->self_node is cleared in hsr_del_self_node(), which

is called from hsr_dellink().

Since dev->rtnl_link_ops->dellink() is called before

unregister_netdevice_many(), there is a window when

user can find the device but without hsr->self_node.

Let's remove WARN_ONCE() in hsr_addr_is_self().

[0]:

HSR: No self node

WARNING: net/hsr/hsr_framereg.c:39 at hsr_addr_is_self+0x211/0x3f0 net/hsr/hsr_framereg.c:39, CPU#0: syz.4.16848/17220

Modules linked in:

CPU: 0 UID: 0 PID: 17220 Comm: syz.4.16848 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)}

Tainted: [L]=SOFTLOCKUP

Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026

RIP: 0010:hsr_addr_is_self+0x211/0x3f0 net/hsr/hsr_framereg.c:39

Code: 33 2f 41 0f b7 dd 89 ee 09 de 31 ff e8 c8 b4 c6 f6 09 dd 74 54 e8 0f b0 c6 f6 31 ed eb 53 e8 06 b0 c6 f6 48 8d 3d 2f 50 9c 04 <67> 48 0f b9 3a 31 ed eb 42 e8 c1 13 1f 00 89 c5 31 ff 89 c6 e8 96

RSP: 0018:ffffc900041c70e0 EFLAGS: 00010283

RAX: ffffffff8afdc6ca RBX: ffffffff8afdc4e6 RCX: 0000000000080000

RDX: ffffc90010493000 RSI: 0000000000000948 RDI: ffffffff8f9a1700

RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000

R10: ffffc900041c71e8 R11: fffff52000838e3f R12: dffffc0000000000

R13: ffff888041f9e3c0 R14: ffff888086ee3802 R15: 0000000000000000

FS: 00007f6fe985d6c0(0000) GS:ffff888126176000(0000) knlGS:0000000000000000

CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033

CR2: 00007f80bd437dac CR3: 0000000025096000 CR4: 00000000003526f0

DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000002

DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400

Call Trace:

<TASK>

check_local_dest net/hsr/hsr_forward.c:592 [inline]

fill_frame_info net/hsr/hsr_forward.c:728 [inline]

hsr_forward_skb+0xa11/0x2a80 net/hsr/hsr_forward.c:739

hsr_dev_xmit+0x253/0x370 net/hsr/hsr_device.c:236

__netdev_start_xmit include/linux/netdevice.h:5368 [inline]

netdev_start_xmit include/linux/netdevice.h:5377 [inline]

xmit_one net/core/dev.c:3888 [inline]

dev_hard_start_xmit+0x2df/0x860 net/core/dev.c:3904

__dev_queue_xmit+0x1428/0x3900 net/core/dev.c:4870

neigh_output include/net/neighbour.h:556 [inline]

ip_finish_output2+0xcec/0x10b0 net/ipv4/ip_output.c:237

ip_send_skb net/ipv4/ip_output.c:1510 [inline]

ip_push_pending_frames+0x8b/0x110 net/ipv4/ip_output.c:1530

raw_sendmsg+0x1547/0x1a50 net/ipv4/raw.c:659

sock_sendmsg_nosec net/socket.c:787 [inline]

__sock_sendmsg net/socket.c:802 [inline]

____sys_sendmsg+0x7da/0x9c0 net/socket.c:2698

___sys_sendmsg+0x2a5/0x360 net/socket.c:2752

__sys_sendmsg net/socket.c:2784 [inline]

__do_sys_sendmsg net/socket.c:2789 [inline]

__se_sys_sendmsg net/socket.c:2787 [inline]

__x64_sys_sendmsg+0x1c3/0x2a0 net/socket.c:2787

do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]

do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94

entry_SYSCALL_64_after_hwframe+0x77/0x7f

RIP: 0033:0x7f6feb62ce59

Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48

RSP: 002b:00007f6fe985d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e

RAX: ffffffffffffffda RBX: 00007f6feb8a6090 RCX: 00007f6feb62ce59

RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004

RBP: 00007f6feb6c2d6f R08: 0000000000000000 R09: 0000000000000000

R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000

R13: 00007f6feb8a6128 R14: 00007f6feb8a6090 R15: 00007ffcf01cc488

</TASK>

NVD Source

Technical Analysis

CVE-2026-53353 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
GoogleLinux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (5)

Quick Facts

CVE IDCVE-2026-53353
SeverityNONE
CISA KEVNo
EPSS (30d)0.16%
PublishedJul 1, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-53353 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.