U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2026-53003

Change History

New CVE Received from kernel.org 6/24/2026 1:17:11 PM

Action Type Old Value New Value
Added Description

                  
                
              
In the Linux kernel, the following vulnerability has been resolved:

pppoe: drop PFC frames

RFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT
RECOMMENDED for PPPoE. In practice, pppd does not support negotiating
PFC for PPPoE sessions, and the current PPPoE driver assumes an
uncompressed (2-byte) protocol field. However, the generic PPP layer
function ppp_input() is not aware of the negotiation result, and still
accepts PFC frames.

If a peer with a broken implementation or an attacker sends a frame with
a compressed (1-byte) protocol field, the subsequent PPP payload is
shifted by one byte. This causes the network header to be 4-byte
misaligned, which may trigger unaligned access exceptions on some
architectures.

To reduce the attack surface, drop PPPoE PFC frames. Introduce
ppp_skb_is_compressed_proto() helper function to be used in both
ppp_generic.c and pppoe.c to avoid open-coding.
Added Reference

                  
                
              
https://git.kernel.org/stable/c/0cab5d077dd1efd2bd1a47271acc35894f945b4f
Added Reference

                  
                
              
https://git.kernel.org/stable/c/2b5c3c040d020e3ab3b9a8887031202d96843b1e
Added Reference

                  
                
              
https://git.kernel.org/stable/c/49e41b60ccd1bdbe9e218420f716dd5f9a2f9c71
Added Reference

                  
                
              
https://git.kernel.org/stable/c/8a5e840babc5c0fbd10c73728a13192347771ec6
Added Reference

                  
                
              
https://git.kernel.org/stable/c/ba758fdf1399f310b30098b6faa3fd043de47dd2
Added Reference

                  
                
              
https://git.kernel.org/stable/c/cb3beef35ab5e0c1afca9fd7648c6ae499786377
Added Reference

                  
                
              
https://git.kernel.org/stable/c/cc1ff87bce1ccd38410ab10960f576dcd17db679
Added Reference

                  
                
              
https://git.kernel.org/stable/c/fcca1df05322bb04e344dd1178b54b76a08eb7c3
Added Affected

                  
                
              
[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ppp/ppp_generic.c","drivers/net/ppp/pppoe.c","include/linux/ppp_defs.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"cb3beef35ab5e0c1afca9fd7648c6ae499786377","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"ba758fdf1399f310b30098b6faa3fd043de47dd2","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"fcca1df05322bb04e344dd1178b54b76a08eb7c3","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"8a5e840babc5c0fbd10c73728a13192347771ec6","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"49e41b60ccd1bdbe9e218420f716dd5f9a2f9c71","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"0cab5d077dd1efd2bd1a47271acc35894f945b4f","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"2b5c3c040d020e3ab3b9a8887031202d96843b1e","versionType":"git","status":"affected"},{"version":"7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6","lessThan":"cc1ff87bce1ccd38410ab10960f576dcd17db679","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ppp/ppp_generic.c","drivers/net/ppp/pppoe.c","include/linux/ppp_defs.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.0","status":"affected"},{"version":"0","lessThan":"5.0","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]