CVE-2026-43442

A flaw was found in the Linux kernel's iouring subsystem. An incorrect bounds check for 128-byte Submission Queue Entry SQE operations, when IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, allows an unprivileged local user to remap logical SQE positions to arbitrary physical indices. Th...

CVE-2026-43442

In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, the boundary check for 128-byte SQE operations in ioinitreq validated the logical SQ head position...

CVE-2026-43442

In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is used without IORINGSETUPNOSQARRAY, the boundary check for 128-byte SQE operations in ioinitreq validated the logical SQ head position...

PT-2026-39103

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the io uring component where the boundary check for 128-byte Submission Queue Entry SQE operations in the io init req function validates the logical SQ head position...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a physical SQE boundary-checking error involving a 128-byte operation in iouring, potentially...

CVE-2026-31484

In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: fix OOB read in SQEMIXED wrap check iouringshowfdinfo iterates over pending SQEs and, for 128-byte SQEs on an IORINGSETUPSQEMIXED ring, needs to detect when the second half of the SQE would be past the end of the...

kernel: io_uring: prevent opcode speculation

In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation sqe-opcode is used for different tables, make sure we santitise it against speculations...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993260)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993260 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmetreqcomplete An nvme target -queueresponse operation...

kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time

No description is available for this CVE...

kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time

No description is available for this CVE...

SUSE CVE-2025-38106

In the Linux kernel, the following vulnerability has been resolved: iouring: fix use-after-free of sq-thread in iouringshowfdinfo syzbot reports: BUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60 Read of size 8 at addr ffff88810de2d2c8 by task a.out/304 CPU: 0 UID: 0 PID: 304 Comm: a.out...

CVE-2025-38002 io_uring/fdinfo: grab ctx->uring_lock around io_uring_show_fdinfo()

In the Linux kernel, the following vulnerability has been resolved: iouring/fdinfo: grab ctx-uringlock around iouringshowfdinfo Not everything requires locking in there, which is why the 'haslock' variable exists. But enough does that it's a bit unwieldy to manage. Wrap the whole thing in a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/uringcmd: unconditionally copy SQEs at prep time This isn't generally necessary, but conditions have been observed where SQE data is accessed from the original SQE after prep has been done and outside of the initial issue...

kernel: io_uring/sqpoll: zero sqd->thread on tctx errors

No description is available for this CVE...

SUSE CVE-2022-49858

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that originates from an out-of-bounds memory access found in the iouring SQ/CQ function, which can be exploited by a...

DEBIAN-CVE-2023-46862

An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an iouring/fdinfo.c iouringshowfdinfo NULL pointer dereference can occur...