In the Linux kernel, the following vulnerability has been resolved:
bpf: Validate nodeid in arenaalloc_pages()
arenaallocpages() accepts a plain int node_id and forwards it through the entire allocation chain without any bounds checking.
Validate nodeid before passing it down the allocation chain in arenaalloc_pages().
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53031.json"
}