| ID | CVE-2026-43366 | ||||||
| Sažetak | In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring provided type. This can happen if the request is forced via io-wq. The legacy recycling is missing checking if the buffer_list still exists, and if it's of the correct type. Add those checks. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | ||||||
| Zadnje važnije ažuriranje | 15-05-2026 - 16:15 | ||||||
| Objavljeno | 08-05-2026 - 15:16 |
