CVE-2026-53110
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
A vulnerability in the Linux kernel's s390 BPF JIT fails to properly handle zero extension for return values and kfunc arguments as required by the s390x ABI. The missing zero extension can cause incorrect behavior of BPF programs on s390x systems.
Risk Assessment
Organizations may face unpredictable BPF program behavior on s390x systems, potentially leading to logic errors, data integrity violations, or privilege escalation if malicious BPF programs are executed.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit in the kernel repository). For production systems, apply the security patch after compatibility testing.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Zero-extend bpf prog return values and kfunc arguments s390x ABI requires callers to zero-extend unsigned arguments and sign-extend signed arguments, and callees to zero-extend unsigned return values and sign-extend signed return values. s390 BPF JIT currently implements only sign extension. Fix this omission and implement zero extension too.

