CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: file: Use kzalloc flex for aio cmd

The target core file doesn't initialize the aio cmd->iocb for the ki write stream. When a write command fd execute rw aio() is executed, we may get a bogus ki write stream value, causing unintended write failure status when checking iocb->ki write stream > max write streams in the block device.

Let's just use kzalloc flex when allocating the aio cmd and let ki write stream=0 to fix this issue.