CVE-2026-53321

Source
https://cve.org/CVERecord?id=CVE-2026-53321
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53321.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-53321
Downstream
Published
2026-06-26T19:41:12.589Z
Modified
2026-07-08T08:13:45.696940126Z
Summary
io_uring/napi: cap busy_poll_to 10 msec
Details

In the Linux kernel, the following vulnerability has been resolved:

iouring/napi: cap busypoll_to 10 msec

Currently there's no cap on the maximum amount of time that napi is allowed to poll if no events are found, which can lead to kernel complaints on a task being stuck as there's no conditional rescheduling done within that loop.

Just cap it to 10 msec in total, that's already way above any kind of sane value that will reap any benefits, yet low enough that it's nowhere near being able to trigger preemption complaints.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53321.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5
Fixed
39767f944a8c9e696566c37ad5b20131406c4b8d
Fixed
cb3af525f8dfb8930f0c123e5755fa967a12d5c1
Fixed
df8599ee18c0e5fe343ffe0b4c379636b8bb839a

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53321.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.9.0
Fixed
6.18.33
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-53321.json"