CVE Disclosure

CVE-2026-43121

Linux Kernel io_uring/zcrx

user_ref race → double-free → OOB write

CVSS4.7

SeverityMedium

StatusPublished

Summary

CVE-2026-43121 is a medium-severity vulnerability affecting Linux Kernel io_uring/zcrx: user_ref race → double-free → OOB write.

References

NVD↗MITRE↗Vendor / Advisory↗PoC repo (if published)↗

Disclosure

Reported by Kai Aizen. Status: Published. Coordinated through standard NVD/MITRE/GHSA channels.

disclosure contextall 30 cves →

all disclosures

30 published CVEs

GHSA disclosures →

4 coordinated advisories

Pen Testing →

same methodology, your stack

Author

Kai Aizen

Independent offensive security researcher. 30 published CVEs, 5 Linux kernel mainline patches, creator of AATMF / P.R.O.M.P.T / SEF, author of Adversarial Minds.

about services github x linkedin researchgate