CVE-2026-45975
MEDIUMublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd struct ublksrv_ctrl_cmd is part of the io_uring_sqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them concurrently. Use READ_ONCE() to copy the ublksrv_ctrl_cmd from the io_uring_sqe to the stack. Use the local copy in place of the one in the io_uring_sqe.
References (2)
Core 2
Scores
CVSS v3
5.5
EPSS
0.0011
EPSS Percentile
1.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (8)
linux/Kernel
6.19.0 - 6.19.4linux
Linux/Linux
< 6.19
Linux/Linux
6.19
Linux/Linux
6.19.4 - 6.19.*
Linux/Linux
7.0
Linux/Linux
87213b0d847cd300285b5545598e0548baeb5208 - ce63eda3e6d36e2c253febee1c8421ecbd1a680e
Linux/Linux
87213b0d847cd300285b5545598e0548baeb5208 - ed9f54cc1e335096733aed03c2a46de3d58922ed
linux/linux_kernel
6.19 - 6.19.4
Published
May 27, 2026
Tracked Since
May 27, 2026