CVE-2026-23263 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but didn't free the page array, release it as well.

PUBLISHED Reserved 2026-01-13 | Published 2026-03-18 | Updated 2026-03-18 | Assigner Linux

Product status

Default status

unaffected

b84621d96ee0221e0bfbf9f477bbec7a5077c464 (git) before 64cf3016234ce8a6e4195ed1b2d9e2a1ae41b57d

affected

b84621d96ee0221e0bfbf9f477bbec7a5077c464 (git) before 0ae91d8ab70922fb74c22c20bedcb69459579b1c

affected

Default status

affected

6.17

affected

Any version before 6.17

unaffected

6.18.10 (semver)

unaffected

6.19 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/64cf3016234ce8a6e4195ed1b2d9e2a1ae41b57d

git.kernel.org/...c/0ae91d8ab70922fb74c22c20bedcb69459579b1c

cve.org (CVE-2026-23263)

nvd.nist.gov (CVE-2026-23263)

Download JSON