CVE-2026-53282

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2026
Last modified:
30/06/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> x86/kexec: Push kjump return address even for non-kjump kexec<br /> <br /> The version of purgatory code shipped by kexec-tools attempts to look above<br /> the top of its stack to find a return address for a kjump, even in a non-kjump<br /> kexec.<br /> <br /> After the commit in Fixes: the word above the stack might not be there,<br /> leading to a fault (which is at least now caught by my exception-handling code<br /> in kexec).<br /> <br /> That commit fixed things for the actual kjump path, but no longer<br /> "gratuitously" pushes the unused return address to the stack in the non-kjump<br /> path. Put that *back* in the non-kjump path, to prevent purgatory from<br /> crashing when trying to access it.

Impact