Description
In the Linux kernel, the following vulnerability has been resolved:

io_uring/zcrx: fix page array leak

d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed
a page leakage but didn't free the page array, release it as well.
Published: 2026-03-18
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

The Linux kernel's io_uring/zcrx subsystem had a memory leak on the error path taken when scatter-gather (sg) initialization failed. A page array was allocated but not freed, resulting in uncontrolled kernel memory consumption. This flaw can lead to memory exhaustion and potential system instability, matching the weakness identified as CWE-400: Uncontrolled Resource Consumption.

Affected Systems

All Linux kernels that implement the io_uring/zcrx API before the commit referenced in the advisory are affected. No specific kernel version numbers are provided, so any installation that has not applied the commit that fixed the leak remains vulnerable.

Risk and Exploitability

No CVSS or EPSS score is supplied, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that exploitation requires local access with the ability to invoke io_uring system calls. The lack of severity scores and exploit information suggests a moderate to high risk for systems heavily using io_uring, but this assessment is an inference and not directly stated in the data.

Generated by OpenCVE AI on March 18, 2026 at 20:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the kernel patch referenced in the advisory to eliminate the page array memory leak.



Advisories

No advisories yet.

History

Tue, 26 May 2026 13:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401
CPEs cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Thu, 19 Mar 2026 00:15:00 +0000


Wed, 18 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but didn't free the page array, release it as well.
Title io_uring/zcrx: fix page array leak
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:03:28.689Z

Reserved: 2026-01-13T15:37:45.990Z

Link: CVE-2026-23263

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-03-18T18:16:24.950

Modified: 2026-05-22T20:58:36.073

Link: CVE-2026-23263

Redhat

Severity:

Public Date: 2026-03-18T00:00:00Z

Links: CVE-2026-23263 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-24T10:58:14Z

Weaknesses