PatchSiren cyber security CVE debrief
CVE-2026-53162 Linux CVE debrief
A vulnerability was discovered in the Linux kernel's memcg (memory cgroup) subsystem. The bug stems from calling get_random_u32_below() in NMI context, where that function is not safe to use; the call can corrupt the ChaCha batch state of the kernel's random number generator. This can disrupt memcg charge draining and lead to unexpected behavior or crashes. The fix replaces the random pick with a per-cpu round-robin counter stored in memcg_stock_pcp and serialized by the same local_trylock that already guards cached[] and nr_pages[].
- Vendor: Linux
- Product: Unknown
- CVSS: HIGH 7.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-25
- Original CVE updated: 2026-06-28
- Advisory published: 2026-06-25
- Advisory updated: 2026-06-28
Who should care
System administrators and security teams responsible for Linux kernel-based systems should be aware of this vulnerability. Its impact is limited to systems running the Linux kernel with memcg enabled. The CVSS score of 7.8 indicates high severity.
Technical summary
The vulnerability is caused by the use of get_random_u32_below() in NMI context; that function is neither reentrant nor NMI-safe, so a call from an NMI can corrupt the ChaCha batch state. The fix replaces the random pick with a per-cpu round-robin counter stored in memcg_stock_pcp and serialized by the same local_trylock that already guards cached[] and nr_pages[]. Because the drain path now relies only on the memcg_stock local_trylock, re-entry on the per-cpu stock itself is prevented, and the per-cpu lock and state of an unrelated subsystem are no longer at risk of corruption from NMI context.
Defensive priority
Patching affected Linux kernel systems should be treated as high priority: the vulnerability carries a high CVSS score and can lead to system crashes or unexpected behavior.
Recommended defensive actions
- Patch affected Linux kernel systems as soon as possible.
- Review system configurations to ensure memcg is enabled and properly configured.
- Monitor system logs for any unusual activity related to memcg charge draining.
- Consider implementing compensating controls, such as additional logging or monitoring, to detect potential issues.
- Verify that all necessary security updates are applied to the Linux kernel.
Evidence notes
The vulnerability was reported by Harry Yoo and resolved by replacing the random pick with a per-cpu round-robin counter. The vulnerability's CVSS score is 7.8, indicating a high severity level. The vulnerability's impact is limited to systems using the Linux kernel with memcg enabled.
Official resources
- CVE-2026-53162 CVE record (CVE.org)
- CVE-2026-53162 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
This article was generated with AI assistance based on the supplied source corpus.