What is GHSA-q3hj-qw3j-gv7p?

GHSA-q3hj-qw3j-gv7p is a security advisory published by GitHub Security Advisories with Medium severity. In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free...

Which CVE IDs does GHSA-q3hj-qw3j-gv7p cover?

GHSA-q3hj-qw3j-gv7p covers the following CVE IDs: CVE-2026-23259. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-q3hj-qw3j-gv7p?

GHSA-q3hj-qw3j-gv7p has a CVSS v3 base score of 5.5, published by GitHub Security Advisories.

GHSA-q3hj-qw3j-gv7pMediumCVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: free...

Vendor

GitHub Security Advisories

Published

March 18, 2026

Last Modified

May 29, 2026

🔗 CVE IDs covered (1)

CVE-2026-23259 →

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

io_uring/rw: free potentially allocated iovec on cache put failure

If a read/write request goes through io_req_rw_cleanup() and has an allocated iovec attached and fails to put to the rw_cache, then it may end up with an unaccounted iovec pointer. Have io_rw_recycle() return whether it recycled the request or not, and use that to gauge whether to free a potential iovec or not.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-23259
https://git.kernel.org/stable/c/1d5f2329ab4df65c2ee011b986d8a6e05ad0f67c
https://git.kernel.org/stable/c/4b9748055457ac3a0710bf210c229d01ea1b01b9
https://github.com/advisories/GHSA-q3hj-qw3j-gv7p