CVE-2026-53321

Public on 2026-06-26
Modified on 2026-07-03
Description
In the Linux kernel, the following vulnerability has been resolved:

io_uring/napi: cap busy_poll_to 10 msec

Currently there's no cap on the maximum amount of time that napi is
allowed to poll if no events are found, which can lead to kernel
complaints on a task being stuck as there's no conditional rescheduling
done within that loop.

Just cap it to 10 msec in total, that's already way above any kind of
sane value that will reap any benefits, yet low enough that it's
nowhere near being able to trigger preemption complaints.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core kernel Not Affected
Amazon Linux 2 - Kernel-5.10 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.15 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.4 Extra kernel Not Affected
Amazon Linux 2023 kernel Not Affected
Amazon Linux 2023 kernel6.12 Pending Fix
Amazon Linux 2023 kernel6.18 Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H