CVE-2023-52926

HIGH 7.8

io_uring/rw: split io_read() into a helper

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: IORING_OP_READ did not correctly consume the provided buffer list when read i/o returned < 0 (except for -EAGAIN and -EIOCBQUEUED return). This can lead to a potential use-after-free when the completion via io_rw_done runs at separate context.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 24, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

2b188cc1bb857a9d4701ae59aa7768b5124e262e < 72060434a14caea20925e492310d6e680e3f9007 2b188cc1bb857a9d4701ae59aa7768b5124e262e < 6c27fc6a783c8a77c756dd5461b15e465020d075 2b188cc1bb857a9d4701ae59aa7768b5124e262e < a08d195b586a217d76b42062f88f375a3eedda4d

Linux / Linux

5.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/72060434a14caea20925e492310d6e680e3f9007 git.kernel.org: https://git.kernel.org/stable/c/6c27fc6a783c8a77c756dd5461b15e465020d075 git.kernel.org: https://git.kernel.org/stable/c/a08d195b586a217d76b42062f88f375a3eedda4d lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html