79 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfr...
SUSE CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
A flaw was found in the Linux kernel's iouring/zcrx subsystem. This use-after-free UAF vulnerability occurs because the iofreerbufring function uses a struct userstruct that is prematurely freed by iozcrxifqfree before the ring is destroyed. A local attacker could potentially exploit this flaw to...
EUVD-2026-32291
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
UBUNTU-CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995 io_uring/zcrx: fix user_struct uaf
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
A CVE-2026-45995 has been resolved in the Linux kernel for a local, low-privilege UAF issue in io_uring zcrx handling (io_free_rbuf_ring with a user_struct, freed by io_zcrx_ifq_free before ring destruction). The advisory for openSUSE Tumbleweed indicates the fix is delivered via kernel-devel-7.0...
CVE-2026-45995 io_uring/zcrx: fix user_struct uaf
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
CVE-2026-45995
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the page array leak. d9f595b9a65e “iouring/zcrx: fixed the issue of leaked pages during sg initialization failure” fixed a page leakage issue; however, the page array was not freed either...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the warnings regarding page destruction. With multiple page pools, in some other cases, it is possible for niovs to be allocated during page pool destruction. The misplaced warning check, which ensured that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed error handling after opening. Closing a queue does not guarantee that all associated page pools are terminated immediately. Let the refcounting process handle this task instead of releasing the zcrx ctx...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fixed the issue of exceeding the recv limit. It is reported that sometimes a zcrx request can receive more than was requested. This issue arises because iozcrxrecvskb adjusts desc-count for all received buffers,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the race condition between the scrub and refill paths involving userrefs The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by an atomicdec to manipulate...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iouring/zcrx: fixed the sgtable leak that occurs during mapping failures. In a rare case where iopopulateareadma fails—which can only occur on a PAGEPOOL32BITARCHWITH64BITDMA machine—iozcrxmaparea will have an initialized but...
SUSE CVE-2026-43174
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...
SUSE CVE-2026-43121
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...
SUSE CVE-2026-43224
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix sgtable leak on mapping failures In an unlikely case when iopopulateareadma fails, which could only happen on a PAGEPOOL32BITARCHWITH64BITDMA machine, iozcrxmaparea will have an initialised and not freed table. ...