{"api_version":"1","generated_at":"2026-07-03T18:50:06+00:00","cve":"CVE-2026-53321","urls":{"html":"https://cve.report/CVE-2026-53321","api":"https://cve.report/api/cve/CVE-2026-53321.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-53321","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-53321"},"summary":{"title":"io_uring/napi: cap busy_poll_to 10 msec","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/napi: cap busy_poll_to 10 msec\n\nCurrently there's no cap on the maximum amount of time that napi is\nallowed to poll if no events are found, which can lead to kernel\ncomplaints on a task being stuck as there's no conditional rescheduling\ndone within that loop.\n\nJust cap it to 10 msec in total, that's already way above any kind of\nsane value that will reap any benefits, yet low enough that it's\nnowhere near being able to trigger preemption complaints.","state":"PUBLISHED","assigner":"Linux","published_at":"2026-06-26 20:17:25","updated_at":"2026-06-30 14:44:27"},"problem_types":[],"metrics":[],"references":[{"url":"https://git.kernel.org/stable/c/39767f944a8c9e696566c37ad5b20131406c4b8d","name":"https://git.kernel.org/stable/c/39767f944a8c9e696566c37ad5b20131406c4b8d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/df8599ee18c0e5fe343ffe0b4c379636b8bb839a","name":"https://git.kernel.org/stable/c/df8599ee18c0e5fe343ffe0b4c379636b8bb839a","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/cb3af525f8dfb8930f0c123e5755fa967a12d5c1","name":"https://git.kernel.org/stable/c/cb3af525f8dfb8930f0c123e5755fa967a12d5c1","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-53321","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-53321","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5 39767f944a8c9e696566c37ad5b20131406c4b8d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5 cb3af525f8dfb8930f0c123e5755fa967a12d5c1 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5 df8599ee18c0e5fe343ffe0b4c379636b8bb839a git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 6.9","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.9 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.18.33 6.18.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.0.10 7.0.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 7.1 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"53321","cve":"CVE-2026-53321","epss":"0.001540000","percentile":"0.049740000","score_date":"2026-07-02","updated_at":"2026-07-03 00:06:13"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["io_uring/napi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"39767f944a8c9e696566c37ad5b20131406c4b8d","status":"affected","version":"8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5","versionType":"git"},{"lessThan":"cb3af525f8dfb8930f0c123e5755fa967a12d5c1","status":"affected","version":"8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5","versionType":"git"},{"lessThan":"df8599ee18c0e5fe343ffe0b4c379636b8bb839a","status":"affected","version":"8d0c12a80cdeb80d5e0510e96d38fe551ed8e9b5","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["io_uring/napi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"6.9"},{"lessThan":"6.9","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"6.18.*","status":"unaffected","version":"6.18.33","versionType":"semver"},{"lessThanOrEqual":"7.0.*","status":"unaffected","version":"7.0.10","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"7.1","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.18.33","versionStartIncluding":"6.9","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0.10","versionStartIncluding":"6.9","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1","versionStartIncluding":"6.9","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/napi: cap busy_poll_to 10 msec\n\nCurrently there's no cap on the maximum amount of time that napi is\nallowed to poll if no events are found, which can lead to kernel\ncomplaints on a task being stuck as there's no conditional rescheduling\ndone within that loop.\n\nJust cap it to 10 msec in total, that's already way above any kind of\nsane value that will reap any benefits, yet low enough that it's\nnowhere near being able to trigger preemption complaints."}],"providerMetadata":{"dateUpdated":"2026-06-26T19:41:12.589Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/39767f944a8c9e696566c37ad5b20131406c4b8d"},{"url":"https://git.kernel.org/stable/c/cb3af525f8dfb8930f0c123e5755fa967a12d5c1"},{"url":"https://git.kernel.org/stable/c/df8599ee18c0e5fe343ffe0b4c379636b8bb839a"}],"title":"io_uring/napi: cap busy_poll_to 10 msec","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2026-53321","datePublished":"2026-06-26T19:41:12.589Z","dateReserved":"2026-06-09T07:44:35.398Z","dateUpdated":"2026-06-26T19:41:12.589Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-26 20:17:25","lastModifiedDate":"2026-06-30 14:44:27","problem_types":[],"metrics":[],"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"53321","Ordinal":"1","Title":"io_uring/napi: cap busy_poll_to 10 msec","CVE":"CVE-2026-53321","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"53321","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/napi: cap busy_poll_to 10 msec\n\nCurrently there's no cap on the maximum amount of time that napi is\nallowed to poll if no events are found, which can lead to kernel\ncomplaints on a task being stuck as there's no conditional rescheduling\ndone within that loop.\n\nJust cap it to 10 msec in total, that's already way above any kind of\nsane value that will reap any benefits, yet low enough that it's\nnowhere near being able to trigger preemption complaints.","Type":"Description","Title":"io_uring/napi: cap busy_poll_to 10 msec"}]}}}