CVE-2026-43278

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description Stale rq->bio values in request-based device-mapper targets can cause double-initialization of cloned bios. This leads to use-after-free and double-free scenarios. For instance, when using dm-multipath on a PCIe NVMe namespace, cloned request bios may be freed during blk complete request(), but the rq->bio pointer remains intact. A subsequent clone teardown then attempts to free the same bios again via the blk rq unprep clone() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.