CVE-2026-43174
io_uring/zcrx Post-Open Error Handling Flaw
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
Attack-Flow Graph
AI-Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel relates to the io_uring subsystem, specifically the zcrx component. The issue involves improper error handling after opening a queue. When a queue is closed, the associated page pools are not immediately terminated; instead, the system should rely on reference counting to manage the lifecycle of these resources. The vulnerability was fixed by correcting this post-open error handling to prevent premature release of the zcrx context.
How can this vulnerability impact me?
This vulnerability relates to improper error handling in the Linux kernel's io_uring subsystem, specifically in the zcrx context. The issue involves closing a queue without guaranteeing that all associated page pools are terminated immediately, relying instead on reference counting. This could potentially lead to resource management issues such as memory leaks or unexpected behavior in kernel operations involving io_uring.