PT-2026-54820 · Linux · Linux Kernel

Published

2026-07-01

·

Updated

2026-07-02

·

CVE-2026-53352

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A race condition exists when a multi-threaded process receives a stop signal, such as SIGSTOP. The do signal stop() function sets JOBCTL STOP PENDING and JOBCTL STOP CONSUME on all threads and initializes signal->group stop count. If a thread concurrently calls execve(), the de thread() function invokes zap other threads() to terminate other threads. While zap other threads() resets signal->group stop count to 0 and clears the JOBCTL PENDING MASK for other threads, it fails to clear these flags for the calling thread.
Upon completion of execve(), the calling thread returns to user mode and detects the stale JOBCTL STOP PENDING flag, leading to a call to do signal stop() and subsequently task participate group stop(). Because JOBCTL STOP CONSUME remains set, the system attempts to decrement the already-zero signal->group stop count, resulting in a kernel warning. The issue involves the zap other threads() function and the JOBCTL PENDING MASK variable.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

Related Identifiers

CVE-2026-53352
ECHO-9C44-BE2F-9595

Affected Products

Linux Kernel