Critical Linux Kernel Vulnerability CVE-2026-53325 Affects Virtualization

CVE-2026-53325 is a critical vulnerability in the Linux kernel's AMD64 AGP driver, caused by improper error handling in the agp_amd64_probe() function. This flaw can lead to a NULL pointer dereference and General Protection Fault (GPF) when the kernel operates in virtualized environments without an AMD northbridge. The vulnerability affects a wide range of kernel versions, from 2.6.18 to the latest releases. Although the issue has been patched in recent kernel updates, many systems remain vulnerable. Currently, there is no evidence of exploitation in the wild, and it is not listed in the CISA Known Exploited Vulnerabilities catalog. The primary risk is a denial of service, as systems may crash and require rebooting, disrupting hosted workloads. No Advanced Persistent Threat (APT) groups have been linked to this vulnerability, and no proof-of-concept exploits have been published.

Key Points: • CVE-2026-53325 affects the Linux kernel's AMD64 AGP driver, leading to potential system crashes. • The vulnerability arises from improper error handling in the agp_amd64_probe() function. • No active exploitation has been reported, but many kernel versions remain vulnerable.