CVE-2026-23473

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition in the io uring/poll subsystem can cause a multishot recv operation to hang indefinitely when a socket send and shutdown() occur in quick succession. This happens because wake-ups can occur before the receiver's task work has a chance to run, leading to incorrect handling of accumulated poll references. Specifically, the issue arises when a shutdown event is missed due to the premature draining of poll references, preventing further wakeups and causing the recv operation to hang. The fix involves checking for HUP in the poll loop and ensuring that another loop is executed to check for status if multiple poll activations are pending.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.