30 matches found
CVE-2026-43442
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix physical SQE bounds check for SQE_MIXED 128-byte ops. When IORING_SETUP_SQE_MIXED is used without IORING_SETUP_NO_SQARRAY, the boundary check for 128-byte SQE operations in io_init_req validated the logical SQ head position...
RHEL 9 : kernel (RHSA-2026:3966)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3966 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel io_uring: Local...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004760 advisory. A flaw was found in the Linux kernel's io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalat...
Linux Distros Unpatched Vulnerability : CVE-2022-50705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io_uring/rw: defer fsnotify calls to task context. We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to whe...
SUSE CVE-2025-40216
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't rely on user vaddr alignment. There is no guaranteed alignment for user pointers, however the calculation of an offset of the first page into a folio after coalescing uses some weird bit mask logic, get rid of ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989765)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989765 advisory. In the Linux kernel, the following vulnerability has been resolved: io_uring: lock overflowing for IOPOLL. syzbot reports an issue with overflow filling for IOPOLL:...
EUVD-2023-58789
Malicious code in bioql PyPI...
EUVD-2021-7666
Malicious code in bioql PyPI...
CVE-2025-38504
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings. With multiple page pools and in some other cases we can have allocated niovs on page pool destruction. Remove a misplaced warning checking that all niovs are returned to zcrx on...
Linux Distros Unpatched Vulnerability : CVE-2022-1043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or...
Linux Distros Unpatched Vulnerability : CVE-2023-2236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its...
Linux Distros Unpatched Vulnerability : CVE-2024-0582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak flaw was found in the Linux kernel's io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap it, and then...
Linux Distros Unpatched Vulnerability : CVE-2022-1508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in the Linux kernel's io_uring module in the way a user triggers the io_read function with some special parameters. This flaw...
Linux Distros Unpatched Vulnerability : CVE-2021-47123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: io_uring: fix ltout double free on completion race. Always remove linked timeout on...
CVE-2025-38453 io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU
In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU. syzbot reports that defer/local task_work adding via msg_ring can hit a request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354 Not tainted...
CVE-2025-38196 io_uring/rsrc: validate buffer count with offset for cloning
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: validate buffer count with offset for cloning. syzbot reports that it can trigger a WARN_ON for kmalloc attempt that's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 __kvmalloc_node_noprof+0x520/0x640 mm/slub.c:5024...
CVE-2025-38106 io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo(). syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: 0 UID: 0 PID: 304 Comm: a.out...
CVE-2025-37804
CVE-2025-37804 is rejected/withdrawn; this entry does not represent an active vulnerability.
CVE-2025-23154
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix io_req_post_cqe abuse by send bundle. 114.987980 T5313 WARNING: CPU: 6 PID: 5313 at io_uring/io_uring.c:872 io_req_post_cqe+0x12e/0x4f0 114.991597 T5313 RIP: 0010:io_req_post_cqe+0x12e/0x4f0 115.001880 T5313 Call Trace:...