Use-After-Free Vulnerability in Linux Kernel's Asynchronous Partition Scan for ublk
CVE-2026-22995

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 23 January 2026

What is CVE-2026-22995?

A use-after-free vulnerability exists in the Linux kernel's ublk module, specifically associated with the asynchronous partition scan process. This flaw results from a race condition occurring between asynchronous scanning and the detachment of device operations. If a device is concurrently detached while its scan is still in progress, the worker may attempt to dereference a freed disk structure, leading to potential exploitation. The vulnerability has been addressed by ensuring proper reference counting during disk access, employing synchronized locks to maintain the integrity of disk references.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch