On Sun, May 03, 2026 at 07:00:06AM -0400, Mohamed salem Eddah wrote:
> This issue appears to have been addressed in commit 770594e
> (“io_uring/zcrx: warn on freelist violations”, April 21, 2026), however it
> was not assigned a CVE and does not appear to have been included in a
> formal security advisory. As a result, multiple stable and downstream
> distribution kernels are still affected.
> ------------------------------
> Vulnerability Summary
> 
> *File:* io_uring/zcrx.c
> *Function:* io_zcrx_return_niov_freelist()
> *Introduced:* Linux 6.12 (initial ZCRX merge)
> *Fixed upstream:* 770594e (Apr 21, 2026)
> *Status:* Fix not yet present in stable releases


<formletter>

Please see:
        https://www.kernel.org/doc/html/latest/process/cve.html
for how kernel CVEs are assigned.

</formletter>

Reply via email to