CVE-2026-53314 Affecting kernel-ipaclones-internal package, versions *


Severity

Recommended
low

Based on CentOS security rating.

Threat Intelligence

EPSS
0.16% (6th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS8-KERNELIPACLONESINTERNAL-17726510
  • published30 Jun 2026
  • disclosed26 Jun 2026

Introduced: 26 Jun 2026

NewCVE-2026-53314  (opens in a new tab)

How to fix?

There is no fixed version for Centos:8 kernel-ipaclones-internal.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-ipaclones-internal package and not the kernel-ipaclones-internal package as distributed by Centos. See How to fix? for Centos:8 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

padata: Put CPU offline callback in ONLINE section to allow failure

syzbot reported the following warning:

DEAD callback error for CPU1
WARNING: kernel/cpu.c:1463 at _cpu_down+0x759/0x1020 kernel/cpu.c:1463, CPU#0: syz.0.1960/14614

at commit 4ae12d8bd9a8 ("Merge tag 'kbuild-fixes-7.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux") which tglx traced to padata_cpu_dead() given it's the only sub-CPUHP_TEARDOWN_CPU callback that returns an error.

Failure isn't allowed in hotplug states before CPUHP_TEARDOWN_CPU so move the CPU offline callback to the ONLINE section where failure is possible.

CVSS Base Scores

version 3.1