CVE-2026-53083
Received Received - Intake
RCU Stall in Linux Kernel BPF Subsystem

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix RCU stall in bpf_fd_array_map_clear() Add a missing cond_resched() in bpf_fd_array_map_clear() loop. For PROG_ARRAY maps with many entries this loop calls prog_array_map_poke_run() per entry which can be expensive, and without yielding this can cause RCU stalls under load: rcu: Stack dump where RCU GP kthread last ran: CPU: 0 UID: 0 PID: 30932 Comm: kworker/0:2 Not tainted 6.14.0-13195-g967e8def1100 #2 PREEMPT(undef) Workqueue: events prog_array_map_clear_deferred RIP: 0010:write_comp_data+0x38/0x90 kernel/kcov.c:246 Call Trace: <TASK> prog_array_map_poke_run+0x77/0x380 kernel/bpf/arraymap.c:1096 __fd_array_map_delete_elem+0x197/0x310 kernel/bpf/arraymap.c:925 bpf_fd_array_map_clear kernel/bpf/arraymap.c:1000 [inline] prog_array_map_clear_deferred+0x119/0x1b0 kernel/bpf/arraymap.c:1141 process_one_work+0x898/0x19d0 kernel/workqueue.c:3238 process_scheduled_works kernel/workqueue.c:3319 [inline] worker_thread+0x770/0x10b0 kernel/workqueue.c:3400 kthread+0x465/0x880 kernel/kthread.c:464 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:153 ret_from_fork_asm+0x19/0x30 arch/x86/entry/entry_64.S:245 </TASK>
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-06-25
AI Q&A
2026-06-24
EPSS Evaluated
N/A
NVD
CVE-2026-53083
EUVD
EUVD-2026-38951
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel 6.14.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's BPF subsystem, specifically in the function bpf_fd_array_map_clear(). The issue is caused by a missing cond_resched() call inside a loop that clears PROG_ARRAY maps with many entries. Without this call, the loop does not yield the CPU, which can lead to RCU (Read-Copy-Update) stalls under load. This means that the kernel's RCU grace period thread can be blocked, causing performance degradation or system responsiveness issues.

Detection Guidance

This vulnerability relates to an RCU stall caused by a missing cond_resched() call in the bpf_fd_array_map_clear() loop in the Linux kernel. Detection would involve monitoring for RCU stalls or kernel stack dumps indicating the issue.

You can check for RCU stalls by examining kernel logs for messages related to RCU stalls or stack dumps similar to the one described in the vulnerability.

  • Use dmesg or journalctl to look for RCU stall messages: `dmesg | grep -i rcu` or `journalctl -k | grep -i rcu`
  • Check for kernel stack traces involving bpf_fd_array_map_clear or prog_array_map_clear_deferred functions.
  • Monitor system performance and kernel worker threads for stalls or delays, especially under load when PROG_ARRAY maps are heavily used.
Mitigation Strategies

The vulnerability is fixed by adding a missing cond_resched() call in the bpf_fd_array_map_clear() loop to prevent RCU stalls.

Immediate mitigation steps include:

  • Update the Linux kernel to a version that includes the fix for this vulnerability (post 6.14.0-13195-g967e8def1100).
  • If updating immediately is not possible, reduce the load on PROG_ARRAY maps or avoid workloads that cause extensive calls to prog_array_map_poke_run.
  • Monitor for RCU stalls and kernel warnings to detect if the issue is occurring.
Impact Analysis

The impact of this vulnerability is primarily related to system performance and stability. When the bpf_fd_array_map_clear() function processes PROG_ARRAY maps with many entries, the missing cond_resched() call can cause the kernel's RCU grace period thread to stall. This stall can lead to delays in kernel operations that rely on RCU, potentially causing system slowdowns or reduced responsiveness under heavy load.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53083. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart