CVE & CISA-KEV Catalog

CVE-2026-53270

MEDIUM
7.1
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ip_vs_edit_service() while unbinding the old scheduler clears the svc->scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at the time when svc->sched_data is already freed after RCU grace period. Fix it by clearing the ptr early in ip_vs_unbind_scheduler(), before the done_service method schedules any RCU callbacks. Also, if the new scheduler fails to initialize when replacing the old scheduler, try to restore the old scheduler while still returning the error code.

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.259-1CVE-2026-53270
Fixed in:6.1.176-1CVE-2026-53270
Fixed in:6.12.94-1CVE-2026-53270
Fixed in:7.0.13-1CVE-2026-53270

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U

Exploit Intelligence

0.13%probability of exploitation in 30 days
3rdpercentile

Low risk: more likely to be exploited than 3% of all known CVEs.

References

Embed a live status badge for CVE-2026-53270
CVE-2026-53270 severity badge

Markdown

[![CVE-2026-53270](https://tridentstack.com/cve/badge/CVE-2026-53270.svg)](https://tridentstack.com/cve/CVE-2026-53270)

HTML

<a href="https://tridentstack.com/cve/CVE-2026-53270"><img src="https://tridentstack.com/cve/badge/CVE-2026-53270.svg" alt="CVE-2026-53270"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-30.