High severity7.8NVD Advisory· Published May 8, 2026· Updated May 15, 2026
CVE-2026-43366
CVE-2026-43366
Description
In the Linux kernel, the following vulnerability has been resolved:
io_uring/kbuf: check if target buffer list is still legacy on recycle
There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring provided type. This can happen if the request is forced via io-wq. The legacy recycling is missing checking if the buffer_list still exists, and if it's of the correct type. Add those checks.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- git.kernel.org/stable/c/439a6728ec4641ffad1ca796622c19bc525e570fnvdPatch
- git.kernel.org/stable/c/50ad880db3013c6fee0ef13781762a39e2e7ef83nvdPatch
- git.kernel.org/stable/c/97b57f69fee1b61b41acbf37e7720cac9d389fa4nvdPatch
- git.kernel.org/stable/c/a7b33671e418fca507feebd1d56e7f4952a4b25cnvdPatch
- git.kernel.org/stable/c/c2c185be5c85d37215397c8e8781abf0a69bec1fnvdPatch
- git.kernel.org/stable/c/f3fb54e7a8b4aadcc2836ee463eec8c88709b8aanvdPatch
News mentions
0No linked articles in our index yet.