CVE-2026-53162 in Linuxinfo

Summary

by MITRE • 06/25/2026

In the Linux kernel, the following vulnerability has been resolved:

memcg: use round-robin victim selection in refill_stock

Harry Yoo reported that get_random_u32_below() is not safe to call in the nmi context and memcg charge draining can happen in nmi context.

More specifically get_random_u32_below() is neither reentrant- nor NMI-safe: it acquires a per-cpu local_lock via local_lock_irqsave() on the batched_entropy_u32 state. An NMI that lands on a CPU mid-update of the ChaCha batch state and recurses into the random subsystem would corrupt that state. The memcg_stock local_trylock prevents re-entry on the percpu stock itself, but cannot protect an unrelated subsystem's per-cpu lock.

Replace the random pick with a per-cpu round-robin counter stored in memcg_stock_pcp and serialized by the same local_trylock that already guards cached[] and nr_pages[]. No atomics, no random calls, no extra
locks needed.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

Linux

Reservation

06/09/2026

Disclosure

06/25/2026

Moderation

accepted

Entry

VDB-373795

CPE

ready

CWE

CWE-502 (confirmed)

CVSS

5.3 (VulDB)

EPSS

0.00173

KEV

Activities

low

Sector

Government, Lawfirm, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-53162
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-53162
CVE Details	https://www.cvedetails.com/cve/CVE-2026-53162/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!