Primary

Context

Linux Kernel Page Array Leak Vulnerability in io_uring Component

Vulnerability

Patched

A vulnerability in the Linux kernel's io_uring component for zero-copy receive operations has been addressed. The issue involved a memory leak where pages were not properly freed after a failure in initializing scatter-gather (sg) data. This leak occurred in versions of the Linux kernel prior to the fix.

Impact

The vulnerability could lead to a memory leak, causing increased memory usage and potential exhaustion of available memory resources.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability. The specific commit that resolves the issue is available in the Linux kernel stable tree.

Added: Mar 18, 2026, 7:52 PM

Updated: Mar 18, 2026, 7:52 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

7.7

relevance

4.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

7.7

relevance

4.1

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Page Array Leak Vulnerability in io_uring Component

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating