CVE-2026-53099

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI

This was renamed in commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI") as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out. Meaning the CFI failures for btf_dtor_kfunc_t would still trigger.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux99fde4d0626176d03cea35c64a063df73816e64d < f74fce43dbc059e059b5346a670f697c0e97b1d0affected
LinuxLinux99fde4d0626176d03cea35c64a063df73816e64d < 9b0cf064ea0a6bac5e1a5fb43b004fd52fbe2b3baffected
LinuxLinux7.0affected
LinuxLinux0 < 7.0unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References