CVE-2026-53031 | In the Linux kernel, the following vulnerability has been re…

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate node_id in arena_alloc_pages() arena_alloc_pages() accepts a plain int node_id and forwards it through the entire allocation chain without any bounds checking. Validate node_id before passing it down the allocation chain in arena_alloc_pages().

Metadata

CVE ID: CVE-2026-53031
State: PUBLISHED
Assigner: Linux
Reserved: 2026-06-09 07:44 UTC
Published: 2026-06-24 16:29 UTC
Last updated: 2026-06-24 16:29 UTC
Vendor / Product: Linux / Linux
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (2)

Vendor	Product	Platform	Versions
Linux	Linux	—	317460317a02a1af512697e6e964298dedd8a163 < 31d3b4b28e55835646d6829d60023f730dd34e85, 317460317a02a1af512697e6e964298dedd8a163 < e15900888c09480a4c632bc598f1c5bd39bed6d6, 317460317a02a1af512697e6e964298dedd8a163 < fb66e20130f95a93ffea1677252526a9e39170b2, 317460317a02a1af512697e6e964298dedd8a163 < 2845989f2ebaf7848e4eccf9a779daf3156ea0a5
Linux	Linux	—	6.9, 0 < 6.9, 6.12.91 ≤ 6.12., 6.18.33 ≤ 6.18. …

References (4)