CVE-2026-43366

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the io uring/kbuf component where a gap occurs between grabbing a buffer and its potential recycling. If the buffer list is empty, it may be upgraded to a ring-provided type, particularly when requests are forced via io-wq. The legacy recycling process fails to verify if the buffer list still exists and if it is of the correct type.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.