Race Condition Affecting kernel package, versions *


Severity

Recommended
medium

Based on CentOS security rating.

Threat Intelligence

EPSS
0.17% (7th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS10-KERNEL-17818822
  • published6 Jul 2026
  • disclosed4 Jul 2026

Introduced: 4 Jul 2026

NewCVE-2026-53361  (opens in a new tab)
CWE-366  (opens in a new tab)

How to fix?

There is no fixed version for Centos:10 kernel.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel package and not the kernel package as distributed by Centos. See How to fix? for Centos:10 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

af_unix: Set gc_in_progress to true in unix_gc().

Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running:

Thread 1 Thread 2 Thread 3


               unix_schedule_gc()           unix_schedule_gc()
               `- if (!gc_in_progress)      `- if (!gc_in_progress)
                  |- gc_in_progress = true     |
                  `- queue_work()              |

unix_gc() <----------------/ | | |- gc_in_progress = true ... - queue_work() | | - gc_in_progress = false | | unix_gc() <---------------------------------------------' | ... /* gc_in_progress == false */ | `- gc_in_progress = false

unix_peek_fpl() relies on gc_in_progress not to confuse GC by MSG_PEEK.

Let's set gc_in_progress to true in unix_gc().

CVSS Base Scores

version 3.1