CVE-2026-53282
Received Received - Intake
Stack Overflow in Linux Kernel kexec-tools Purgatory

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After the commit in Fixes: the word above the stack might not be there, leading to a fault (which is at least now caught by my exception-handling code in kexec). That commit fixed things for the actual kjump path, but no longer "gratuitously" pushes the unused return address to the stack in the non-kjump path. Put that *back* in the non-kjump path, to prevent purgatory from crashing when trying to access it.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-27
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-53282
EUVD
EUVD-2026-39887
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's kexec subsystem, specifically related to the purgatory code used by kexec-tools. The purgatory code attempts to find a return address for a kjump by looking above the top of its stack, even when it is not a kjump kexec. After a fix was applied, the code no longer pushed an unused return address onto the stack in the non-kjump path, which caused the purgatory code to potentially crash when it tried to access a return address that was not there.

The vulnerability arises because the purgatory code expects a return address above the stack, but in the non-kjump path, this address might not exist, leading to a fault. The fix involved restoring the pushing of the unused return address in the non-kjump path to prevent crashes.

Impact Analysis

This vulnerability can cause the purgatory code in kexec-tools to crash during a non-kjump kexec operation. Such a crash could disrupt the kexec process, which is used to load and boot into a new kernel without going through a full system reboot.

The impact is primarily a fault or crash in the kernel execution process, potentially leading to system instability or failure to properly switch kernels during kexec operations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53282. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart