Description
In the Linux kernel, the following vulnerability has been resolved:

bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI

This was renamed in commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG
to CONFIG_CFI") as it is now a compiler-agnostic option. Using the wrong
name results in the code getting compiled out. Meaning the CFI failures
for btf_dtor_kfunc_t would still trigger.
Published: 2026-06-24
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw occurs when the Linux kernel is compiled with the legacy configuration option CONFIG_CFI_CLANG instead of the newer, compiler‑agnostic CONFIG_CFI. This mismatch causes the compiler to omit code that implements CFI checks for the btf_dtor_kfunc_t functions, effectively disabling that layer of protection. As a result, attackers may be able to exploit control‑flow hijack techniques that CFI normally prevents.

Affected Systems

All Linux kernel builds produced before the commit that renamed CONFIG_CFI_CLANG to CONFIG_CFI are affected. This includes any distribution or custom kernel that used the old option name and has not been updated to the new configuration setting.

Risk and Exploitability

The publicly available CVSS score is missing, and an EPSS value is not supplied, so the exact severity cannot be determined from the data. The vulnerability is not listed in the CISA KEV catalog, indicating no known exploited instances. Nonetheless, the loss of CFI can allow arbitrary code execution if an attacker can trigger the affected BTF function pointers, which suggests a moderate risk for systems that rely on CFI for kernel integrity. The likely attack vector is local or requires a user‑land component that can influence kernel data structures.

Generated by OpenCVE AI on June 24, 2026 at 19:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that includes the rename of CONFIG_CFI_CLANG to CONFIG_CFI (commit 23ef9d439769).
  • Verify that the running kernel’s configuration has CONFIG_CFI enabled and that CONFIG_CFI_CLANG is not used. If the configuration file is available, correct the option name and rebuild the kernel.
  • If you build a custom kernel, rebuild it with the updated configuraton and reinstall the kernel and associated modules.

Generated by OpenCVE AI on June 24, 2026 at 19:58 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 24 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-640
CWE-704

Wed, 24 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI This was renamed in commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI") as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out. Meaning the CFI failures for btf_dtor_kfunc_t would still trigger.
Title bpf: Switch CONFIG_CFI_CLANG to CONFIG_CFI
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-24T16:30:36.549Z

Reserved: 2026-06-09T07:44:35.384Z

Link: CVE-2026-53099

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T20:00:10Z

Weaknesses
  • CWE-640

    Weak Password Recovery Mechanism for Forgotten Password

  • CWE-704

    Incorrect Type Conversion or Cast