75 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring. CVE-2026-45995 Note that...
SUSE CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
A flaw was found in the Linux kernel's iouring/zcrx subsystem. This use-after-free UAF vulnerability occurs because the iofreerbufring function uses a struct userstruct that is prematurely freed by iozcrxifqfree before the ring is destroyed. A local attacker could potentially exploit this flaw to...
EUVD-2026-32291
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
UBUNTU-CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
The CVE-2026-45995 entry concerns the Linux kernel io_uring subsystem. A use-after-free (UAF) was fixed where io_free_rbuf_ring() used a struct user_struct and io_zcrx_ifq_free() released it before destroying the ring. The patch resolves the UAF by ensuring correct lifetime management of the user...
CVE-2026-45995 io_uring/zcrx: fix user_struct uaf
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
iouring/zcrx: fix userstruct uaf...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed error handling after opening. Closing a queue does not guarantee that all associated page pools are terminated immediately; let the refcounting handle this process instead of releasing the zcrx ctx directly...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the warnings regarding page destruction. With multiple page pools, and in some other cases, it’s possible for niovs to be allocated during page pool destruction. We’ve removed the unnecessary warning check...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the sgtable leak that occurs during mapping failures. In a rare case where iopopulateareadma fails—which can only occur on a PAGEPOOL32BITARCHWITH64BITDMA machine—iozcrxmaparea will have an initialized but...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fixed the issue of exceeding the recv limit. It is reported that sometimes a zcrx request can receive more than was requested. This issue arises because iozcrxrecvskb adjusts desc-count for all received buffers,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the page array leak. d9f595b9a65e “iouring/zcrx: fixed the issue of leaked pages during sg initialization failure” fixed a page leakage issue; however, the page array was not freed either...
SUSE CVE-2026-43174
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...
SUSE CVE-2026-43121
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...
SUSE CVE-2026-43224
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix sgtable leak on mapping failures In an unlikely case when iopopulateareadma fails, which could only happen on a PAGEPOOL32BITARCHWITH64BITDMA machine, iozcrxmaparea will have an initialised and not freed table. ...
Linux Distros Unpatched Vulnerability : CVE-2026-43121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed ...
Linux Distros Unpatched Vulnerability : CVE-2026-43174
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do th...