7 matches found
EUVD-2026-28672
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
UBUNTU-CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366 io_uring/kbuf: check if target buffer list is still legacy on recycle
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366 io_uring/kbuf: check if target buffer list is still legacy on recycle
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2025-21836
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: reallocate buf lists on upgrade IORINGREGISTERPBUFRING can reuse an old struct iobufferlist if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field shoul...