PT-2026-30167

In the Linux kernel, the following vulnerability has been resolved: io uring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown happen back-to-back, both fire wake-ups before the receiver's task work has a chance to run. The first wake gets poll ownership poll...

CVE-2025-71149 io_uring/poll: correctly handle io_poll_add() return value on update

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

CVE-2025-71149

...

PT-2023-35038 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v6.1.7 through v6.1.8 Description: The issue is related to a potential security vulnerability in the io uring/poll component. It was introduced in version v6.1.7 and fixed in version v6.1.8. The actual impact and attack...

PT-2022-4808 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free in io uring in the Linux kernel. The Signalfd poll and binder poll functions use a waitqueue whose lifetime is the current task, and it sends a...