CVE Catalog

CVE-2026-45995

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile - higher than 5% of all known CVEs

Summary

A vulnerability related to the use of the user_struct in the io_free_rbuf_ring() function has been fixed in the Linux kernel. The issue was that this structure was being freed before the ring was destroyed, which could lead to improper memory management.

Risk Assessment

This vulnerability could lead to use-after-free conditions, posing risks of Denial of Service attacks or potential execution of malicious code in the kernel context.

Recommendation

It is recommended to update the Linux kernel to the latest version where this vulnerability has been fixed to minimize the risks associated with its exploitation.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_struct uaf io_free_rbuf_ring() usees a struct user_struct, which io_zcrx_ifq_free() puts it down before destroying the ring.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS