CVE-2026-53099 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI This was renamed in commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI") as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out. Meaning the CFI failures for btf_dtor_kfunc_t would still trigger.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/9b0cf064ea0a6bac5e1a5fb43b004fd52fbe2b3b
https://git.kernel.org/stable/c/f74fce43dbc059e059b5346a670f697c0e97b1d0

History

Wed, 24 Jun 2026 17:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI This was renamed in commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI") as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out. Meaning the CFI failures for btf_dtor_kfunc_t would still trigger.
Title		bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/9b0cf064ea0a6bac5e1a5fb43b004fd52fbe2b3b https://git.kernel.org/stable/c/f74fce43dbc059e059b5346a670f697c0e97b1d0

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-06-24T16:30:36.549Z

Updated: 2026-06-24T16:30:36.549Z

Reserved: 2026-06-09T07:44:35.384Z

Link: CVE-2026-53099

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-53099", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-06-09T07:44:35.384Z", "datePublished": "2026-06-24T16:30:36.549Z", "dateUpdated": "2026-06-24T16:30:36.549Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-24T16:30:36.549Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI\n\nThis was renamed in commit 23ef9d439769 (\"kcfi: Rename CONFIG_CFI_CLANG\nto CONFIG_CFI\") as it is now a compiler-agnostic option. Using the wrong\nname results in the code getting compiled out. Meaning the CFI failures\nfor btf_dtor_kfunc_t would still trigger."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/btf.c"], "versions": [{"version": "99fde4d0626176d03cea35c64a063df73816e64d", "lessThan": "f74fce43dbc059e059b5346a670f697c0e97b1d0", "status": "affected", "versionType": "git"}, {"version": "99fde4d0626176d03cea35c64a063df73816e64d", "lessThan": "9b0cf064ea0a6bac5e1a5fb43b004fd52fbe2b3b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/bpf/btf.c"], "versions": [{"version": "7.0", "status": "affected"}, {"version": "0", "lessThan": "7.0", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0", "versionEndExcluding": "7.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.0", "versionEndExcluding": "7.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f74fce43dbc059e059b5346a670f697c0e97b1d0"}, {"url": "https://git.kernel.org/stable/c/9b0cf064ea0a6bac5e1a5fb43b004fd52fbe2b3b"}], "title": "bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI", "x_generator": {"engine": "bippy-1.2.0"}}}}