CVE-2026-23275

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the io uring subsystem. Specifically, a condition exists where, if DEFER TASKRUN and SETUP TASKRUN are utilized concurrently with task work being added during ring resizing, a race condition can occur. This can lead to the unintended bitwise OR operation of IORING SQ TASKRUN during the transition between old and new rings, potentially causing instability. To address this, a second pointer, ->rings rcu, protected by RCU (Read-Copy-Update), is introduced. This ensures stability during task work flag manipulation. The fix is only applied to DEFER TASKRUN as it is the only setup mode supporting ring resizing. The io ctx mark taskrun() helper function may be required if this changes in the future.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.