A newly disclosed vulnerability in the Linux kernel's SCSI generic driver can bring a system to its knees with nothing more than a malformed module parameter. Cataloged as CVE-2026-53304 and published in the National Vulnerability Database on June 26, 2026, the flaw lets any user who can write to the driver's sysfs parameters, in practice root, send a CPU into an effectively unbounded loop inside the kernel, causing a soft lockup and leaving the host unresponsive. The attack requires no special hardware, no race condition and no memory corruption. It is a textbook case of missing input validation in a decades-old driver that ships by default on most Linux distributions.

The SCSI generic driver (sg) has been part of the Linux kernel since the 2.x kernels of the 1990s. It provides a pass-through interface for SCSI commands, allowing user-space applications to send arbitrary CDBs (Command Descriptor Blocks) to SCSI devices: scanners, tape drives, RAID controllers and anything else that speaks SCSI. That flexibility made it indispensable for diagnostic tools such as sg3_utils, but it also means any bug in the driver is a kernel-wide liability. When the sg module is loaded, and on many servers and workstations it is loaded automatically, a single write by root is enough to trigger the fault.

How the Bug Works

At the heart of CVE-2026-53304 is the module parameter def_reserved_size, which sets the default size of the buffer the driver reserves for each open file descriptor's data transfers. It can be set at module load time or, critically, at runtime through /sys/module/sg/parameters/def_reserved_size. The driver expects a sensible positive integer, but with no sanity check on the write path an attacker can store an outrageously large number, or a negative one, directly into the parameter. When the driver next sizes and iterates over a buffer based on that value, it enters a loop that is for practical purposes unbounded. The CPU pegs at 100%, the scheduler never regains control of it, and the watchdog declares a soft lockup after twice kernel.watchdog_thresh, which is 20 seconds with the default threshold of 10.

A soft lockup is the kernel watchdog's verdict that a CPU has been executing in kernel mode for too long without scheduling. Unlike a hard lockup, in which interrupts are disabled, a soft-locked CPU still services interrupts, but the tasks queued on it make no progress and anything that needs the spinlock it holds stalls behind it. On a multi-core host the other CPUs keep running for a while, but in practice SSH sessions drop, daemons freeze and the machine is effectively dead until a hard reset. In many data-center environments that kind of outage triggers automated failover or, worse, leaves a hung machine that must be power-cycled by hand. CVE-2026-53304 does not allow code execution, privilege escalation or data leakage, but its impact on availability is immediate and total.

Technical Anatomy of the Flaw

The bug resides in the sg_add_sfp() function in drivers/scsi/sg.c. When a new SCSI generic file descriptor is opened (via /dev/sg*), the driver calls sg_add_sfp() to allocate an Sg_fd structure and initialize its per-descriptor reserve buffer, sizing it from def_reserved_size. A properly patched kernel bounds-checks that value against a reasonable limit. In affected kernels no check exists, so the value is used as-is: if an administrator, or an attacker, has previously written 999999999 to the sysfs parameter, the next open of any /dev/sg* node makes the driver walk a buffer-building loop whose iteration count scales with that number, and a negative value is just as fatal. Note the two-step shape of the trigger: the write itself is harmless, and the lockup fires only when the value is next consumed, which is at open time, by whichever process opens an sg node next.

The soft lockup manifests because the loop in sg_add_sfp() runs for an excessive number of iterations while holding a spinlock. Spinlocks disable preemption, so the CPU cannot yield. The watchdog fires, logs "BUG: soft lockup - CPU#N stuck for Ns!" together with a stack trace, keeps repeating the report for as long as the CPU stays stuck, and the system enters a half-alive state. The loop is not unbounded in the mathematical sense, it will eventually complete, but with a large enough value it runs for minutes or hours, far beyond any operational timeout.

Exploitation and Attack Surface

By itself, writing to a sysfs module parameter requires root: /sys/module/sg/parameters/def_reserved_size is root-owned and writable only by its owner. That seems to limit the threat to a malicious administrator or an adversary who has already achieved root, but the picture is more nuanced. Plenty of tuning and monitoring agents run as root with /sys writable, and a code-execution bug in one of them is enough. Root inside a user namespace does not help the attacker: capabilities gained in a child namespace do not apply to files owned by the host's uid 0, so an unprivileged container cannot reach the parameter, and the common container runtimes mount /sys read-only for such containers anyway. A privileged container, or any container that mounts /sys read-write, is a different matter: in Kubernetes clusters privileged pods remain common, and code running in one can set the fatal parameter on the node directly, no breakout required.

Furthermore, the sg driver is often loaded automatically when the system detects a SCSI device, a category that includes USB mass storage (NVMe enclosures attached over USB present themselves as SCSI through UAS or bulk-only transport), iSCSI targets, and ordinary SATA disks, which libata drives through the SCSI layer as well. A user who plugs in a malicious USB device cannot set the module parameter directly, but if they can influence a udev rule that writes to sysfs (udev runs as root, and its ATTR{} assignments do exactly that), the chain becomes plausible. The more likely scenario remains an insider, or a post-exploitation denial of service used to cover other activity or to knock a node out of a cluster.

NVD scores CVE-2026-53304 at CVSS 3.1 5.5 (Medium), vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H: local access, low attack complexity, no user interaction, no confidentiality or integrity impact, high availability impact. The PR:L (low privileges) component sits oddly with the root requirement described above; with PR:H the same vector scores 4.4. Either way, once the loop is triggered the system is unusable.

Which Kernels Are Affected?

The National Vulnerability Database entry does not enumerate exact version ranges, but the sg driver has been in the mainline kernel since the late 1990s. Historical commits show that the def_reserved_size parameter was introduced in kernel 2.5.68 and later refined. The lack of input validation likely persisted in every stable release until the fix was committed, so distributions shipping the 5.4, 5.10, 5.15, 6.1 and 6.6 LTS kernels should be assumed vulnerable until their advisories say otherwise. Real-time kernel variants, common in industrial control systems, are equally susceptible, with the added consequence that a stuck CPU means missed deadlines for whatever the machine controls.

Mitigations and Workarounds

Until your distribution ships a fixed kernel, there are several steps you can take to neutralize CVE-2026-53304.

  • Disable the sg module: If you do not need SCSI generic pass-through, keep the module from loading. A plain blacklist sg line in /etc/modprobe.d/ only stops alias-based autoloading; an explicit modprobe or a dependency still loads it. Add install sg /bin/false as well, regenerate the initramfs and reboot. This is the surest way to eliminate the attack surface, at the cost of sg3_utils and anything else that talks to /dev/sg*.
  • Restrict sysfs write access: The parameter file is already root-owned and writable only by root, so chmod has nothing to tighten, and sysfs does not carry POSIX ACLs. What you can do is confine the root-running processes that have no business writing there: an SELinux or AppArmor policy that denies writes under /sys/module for monitoring and tuning daemons, and container runtimes that keep /sys read-only (the default for unprivileged pods) and do not hand out privileged containers.
  • Pin the value at boot: For systems that must keep sg loaded, set def_reserved_size to a known-sane value (the driver's own default is 32768) from /etc/modprobe.d/ with options sg def_reserved_size=32768. Be clear about what this buys you: it guards against a bad value at boot, not against root writing the parameter later. Remounting /sys read-only is not a control either, since root can remount it read-write, and there is no kernel command-line switch that makes an individual parameter read-only.
  • Monitor kernel logs: Soft lockup warnings are loud. Alert on "BUG: soft lockup" in dmesg or journalctl -k, and consider kernel.softlockup_panic=1 together with a kernel.panic reboot timeout so a stuck node reboots on its own instead of sitting half-alive until someone notices.
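The checks and hardening above, collected into one added example script (it is not from the original article or from the kernel tree). It shows the validation gap from the "How the Bug Works" section as a one-sided bound check beside a strict one, reports whether the live parameter is within bounds, emits the two modprobe.d policies, and counts and summarizes soft-lockup reports in saved kernel log output. Assumptions are marked in the comments: the 16 MiB cap is the one the article attributes to the RFC patch, the file name sg_harden.sh is illustrative, and SYSFS_ROOT is a parameter so the functions can be exercised against a fake sysfs tree offline.

```shell
#!/bin/sh
# Added example, not part of the article or of the kernel tree.
# Assumptions: MAX_RESERVED is the 16 MiB cap the article attributes to the
# RFC patch; SANE_DEFAULT is the driver's shipped default (SG_DEF_RESERVED_SIZE);
# SYSFS_ROOT is overridable so the functions can be run against a fake tree.

SYSFS_ROOT="${SYSFS_ROOT:-/sys}"
PARAM_REL="module/sg/parameters/def_reserved_size"
MAX_RESERVED=16777216
SANE_DEFAULT=32768

# One-sided check: upper bound only. "-1" passes, which is exactly the gap
# the article describes (a negative value is as fatal as a huge one).
naive_check() {
    [ "$1" -le "$MAX_RESERVED" ] 2>/dev/null
}

# Strict check: digits only (rejects signs and junk), then 0 <= v <= MAX.
strict_check() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 0 ] && [ "$1" -le "$MAX_RESERVED" ]
}

# Live status of the parameter: "absent" (sg not loaded), "ok N" or "bad N".
sg_param_status() {
    f="$SYSFS_ROOT/$PARAM_REL"
    if [ ! -r "$f" ]; then
        echo absent
        return 0
    fi
    v=$(cat "$f")
    if strict_check "$v"; then
        echo "ok $v"
    else
        echo "bad $v"
        return 1
    fi
}

# modprobe.d policy text. "disable" blocks every load path ("blacklist" alone
# only stops alias-based autoload); "pin" loads sg with a known-sane value,
# which guards against a bad value at boot but not against a later root write.
modprobe_policy() {
    case "$1" in
        disable)
            printf '%s\n' \
                '# CVE-2026-53304: refuse to load sg until a fixed kernel is installed' \
                'blacklist sg' \
                'install sg /bin/false'
            ;;
        pin)
            printf '%s\n' \
                '# CVE-2026-53304: load sg with the driver default reserve size' \
                "options sg def_reserved_size=$SANE_DEFAULT"
            ;;
        *)
            echo 'usage: modprobe_policy disable|pin' >&2
            return 2
            ;;
    esac
}

# Count watchdog reports in saved kernel log output (dmesg or journalctl -k).
count_soft_lockups() {
    grep -c 'BUG: soft lockup' "$1" || true
}

# Which CPU, how long, and which task, one line per report.
soft_lockup_summary() {
    sed -n 's/.*BUG: soft lockup - \(CPU#[0-9]*\) stuck for \([0-9]*s\)! \[\(.*\)\].*/\1 \2 \3/p' "$1"
}

# Stand-alone use: sh sg_harden.sh run [kernel-log-file]
if [ "${1:-}" = "run" ]; then
    sg_param_status
    modprobe_policy disable
    modprobe_policy pin
    if [ -n "${2:-}" ]; then
        echo "soft lockups: $(count_soft_lockups "$2")"
        soft_lockup_summary "$2"
    fi
fi
```

Run it as sh sg_harden.sh run /path/to/dmesg.txt on a live host; redirect modprobe_policy disable or pin into a file under /etc/modprobe.d/ and regenerate the initramfs afterwards. The strict check is the shape of validation the driver lacks: reject anything that is not a plain non-negative integer, then enforce both bounds, rather than comparing against a ceiling alone.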

Long-term, the fix is a straightforward bounds check in sg_add_sfp(), and the RFC patch discussed below clamps def_reserved_size to 16 MiB. Once it is accepted upstream, distributions will cherry-pick the commit into their stable branches. Because the SCSI subsystem has its own maintainers, the patch will flow through the SCSI tree and appear in a mainline -rc before the stable maintainers pick it up.

Historical Context and Recurring Patterns

CVE-2026-53304 is not an isolated incident. The SCSI stack has been a frequent source of denial-of-service vulnerabilities, often stemming from the sheer complexity of the standard and the many layers of translation (SCSI over USB, SCSI over iSCSI, and so on). The sg driver itself has a history of memory-safety bugs; CVE-2017-7187 is one example, an out-of-bounds write in sg_write() reachable after an SG_NEXT_CMD_LEN ioctl supplied an oversized command length. The pattern repeats: old code, written when trust in user-provided parameters was higher, lingers in the kernel until an outside researcher or a fuzzing campaign shines a light on it.

What makes this bug particularly insidious is that it sidesteps the usual memory-safety hardening. KASLR, SMEP, SMAP, stack canaries and control-flow integrity do nothing against a loop that simply runs too long. The only effective safeguards are configuration hygiene (do not load drivers you do not need) and rigorous review of every writable sysfs attribute, of which a modern kernel has thousands.

Why Windows Users Should Care

It might strike readers as odd that a site dedicated to Windows is covering a Linux kernel flaw. But the line between operating systems has never been blurrier. Windows Subsystem for Linux (WSL 2) runs a genuine Linux kernel inside a lightweight virtual machine; Microsoft builds that kernel from mainline sources and updates it through Windows Update and wsl --update. All WSL 2 distributions share that one kernel, so if sg is available in it, as a module or built in (Microsoft's configuration enables many such drivers, so check for /sys/module/sg on your own install), a soft lockup triggered in one distro freezes every other WSL distro alongside it. The Windows host is not taken down: the hypervisor keeps scheduling it, and the stuck guest merely burns the physical cores its vCPUs are assigned to. The same holds for Linux guests under Hyper-V or VirtualBox, where a spinning guest degrades host performance in proportion to the cores it monopolizes.

Dual-boot systems are exposed only on the Linux side, and only to someone who already has root there: a malicious systemd unit that sets the parameter and then opens a /dev/sg* node will hang every Linux boot before the administrator can log in, until the unit is removed from a rescue environment. Windows on the other partition is untouched. In mixed enterprise environments, though, Windows administrators are often responsible for Linux servers as well, and understanding these threats is part of a holistic security posture.

The bottom line: if you use Linux in any capacity, whether on bare metal, in a VM or through WSL, CVE-2026-53304 is a risk your organization should track. Patch Tuesday will not save you this time: Linux kernel patches follow their own release cadence (and the WSL 2 kernel its own update channel), and it falls on the administrator to apply distribution updates promptly.

The Road Ahead

As of this writing, the vulnerability has a CVE and has been disclosed publicly, but the timeline for a universal fix is still taking shape. The kernel's SCSI maintainers have acknowledged the issue on the linux-scsi mailing list, and an RFC patch has been posted. It adds a static inline helper that caps def_reserved_size at SG_DEF_RESERVED_SIZE_MAX, defined as 16 * 1024 * 1024. Early testing shows no measurable performance regression, and the patch is expected to land in a forthcoming mainline -rc.

For end users, the best course of action is to follow your distribution's security advisories. RHEL, Ubuntu, Debian, SUSE and the rest will rate the severity and issue updates within days or weeks of the upstream fix. In the meantime, the workarounds outlined above are effective and cheap, the one real cost being the loss of sg-based tooling if you disable the module.

CVE-2026-53304 is a textbook reminder that the Linux kernel’s attack surface extends far beyond system calls and network protocols—sometimes it’s hidden in a simple integer field accessible only to root. Administrators who trust that root‑only parameters are safe should reconsider. Defense‑in‑depth means restricting loadable modules to those strictly required, monitoring kernel logs, and never assuming that a writable sysfs attribute has been properly validated.