Linux Kernel Vulnerability Affecting Task Work Flags Manipulation
CVE-2026-23275

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
20 March 2026

What is CVE-2026-23275?

This vulnerability in the Linux kernel arises from potential instability during the resizing of the io_uring context's rings. Specifically, when both DEFER_TASKRUN and SETUP_TASKRUN are utilized, task work can be erroneously added while the ring is being resized. This creates a narrow opportunity for the OR'ing of IORING_SQ_TASKRUN, leading to unsafe interactions between the old and new rings. To mitigate this issue, a second rings pointer, ->rings_rcu, has been introduced, safeguarded by RCU methodology. This enhancement ensures that if ring resizing and freeing operations are executed after an RCU synchronize, additional locking mechanisms for task work additions become unnecessary, improving overall system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 79cfe9e59c2a12c3b3faeeefe38d23f3d8030972 < 7cc4530b3e952d4a5947e1e55d06620d8845d4f5

Linux 79cfe9e59c2a12c3b3faeeefe38d23f3d8030972 < 46dc07d5f31411cc023f3bf1f4a23a07bf6e0ed1

Linux 79cfe9e59c2a12c3b3faeeefe38d23f3d8030972 < 96189080265e6bb5dde3a4afbaf947af493e3f82

References

https://git.kernel.org/stable/c/7cc4530b3e952d4a5947e1e55...
https://git.kernel.org/stable/c/46dc07d5f31411cc023f3bf1f...
https://git.kernel.org/stable/c/96189080265e6bb5dde3a4afb...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.