CVE-2026-46315

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An information disclosure issue exists in the io uring subsystem during the IORING OP WAITID operation. The io waitid finish() function copies the info field from struct io waitid to userspace siginfo. However, the preparation path fails to initialize the info structure. If a wait operation completes without reporting a child event, the system may copy stale bytes from reused io kiocb command storage to userspace, as the common wait code might return without writing to wo info.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.