CVE-2026-23113

CWE-8358 documents8 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 96.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux LinuxLinux Linux Kernel
Timeline
PublishedFeb 14

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking (which will create a new worker for other items), or they complete fairly quickly. But syzbot reports an issue where io-wq takes seemingly forever to exit, and with a bit of debugging, this turns out to be because it queues a bunch of big (2GB - 4

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel5.12.16.6.122+4
CVEListV5linux/linuxc60eb049f4a19ddddcd3ee97a9c79ab8066a6a03d05d99573f81a091547b1778b9a50120f5d6c68a+5
Debianlinux< 6.12.69-1+1

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2026-23113: In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checke2026-02-14
CVEList
io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop2026-02-14
GHSA
GHSA-ccr5-8c2w-j2f4: In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is chec2026-02-14

📋Vendor Advisories

3
Red Hat
kernel: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop2026-02-14
Microsoft
io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop2026-02-10
Debian
CVE-2026-23113: linux - In the Linux kernel, the following vulnerability has been resolved: io_uring/io...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23113 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23113 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io