5.5
CVE-2026-45975
- EPSS 0.11%
- Veröffentlicht 27.05.2026 12:18:33
- Zuletzt bearbeitet 16.06.2026 02:41:06
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd
In the Linux kernel, the following vulnerability has been resolved: ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd struct ublksrv_ctrl_cmd is part of the io_uring_sqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them concurrently. Use READ_ONCE() to copy the ublksrv_ctrl_cmd from the io_uring_sqe to the stack. Use the local copy in place of the one in the io_uring_sqe.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.014 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/ce63eda3e6d36e2c253febee1c8421ecbd1a680e
https://git.kernel.org/stable/c/ed9f54cc1e335096733aed03c2a46de3d58922ed