CVE-2026-45995

Summary

In the Linux kernel, the following vulnerability has been resolved:

io_uring/zcrx: fix user_struct uaf

io_free_rbuf_ring() usees a struct user_struct, which io_zcrx_ifq_free() puts it down before destroying the ring.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5c686456a4e83ef06c74d40be05c21a0ef136684 < 9feb88eeda6d288f93fcfb6bca563f89e316479daffected
LinuxLinux5c686456a4e83ef06c74d40be05c21a0ef136684 < 0fcccfd87152f957fa8312b841f6efef42a05a20affected
LinuxLinux6.19affected
LinuxLinux0 < 6.19unaffected
LinuxLinux7.0.4 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References