In the Linux kernel, the following vulnerability has been resolved:
x86/kexec: Push kjump return address even for non-kjump kexec
The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec.
After the commit in Fixes: the word above the stack might not be there, leading to a fault (which is at least now caught by my exception-handling code in kexec).
That commit fixed things for the actual kjump path, but no longer "gratuitously" pushes the unused return address to the stack in the non-kjump path. Put that back in the non-kjump path, to prevent purgatory from crashing when trying to access it.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53282.json",
"cna_assigner": "Linux"
}