Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-53124

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
24/06/2026
Última modificación:
24/06/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ublk: reset per-IO canceled flag on each fetch<br /> <br /> If a ublk server starts recovering devices but dies before issuing fetch<br /> commands for all IOs, cancellation of the fetch commands that were<br /> successfully issued may never complete. This is because the per-IO<br /> canceled flag can remain set even after the fetch for that IO has been<br /> submitted - the per-IO canceled flags for all IOs in a queue are reset<br /> together only once all IOs for that queue have been fetched. So if a<br /> nonempty proper subset of the IOs for a queue are fetched when the ublk<br /> server dies, the IOs in that subset will never successfully be canceled,<br /> as their canceled flags remain set, and this prevents ublk_cancel_cmd<br /> from actually calling io_uring_cmd_done on the commands, despite the<br /> fact that they are outstanding.<br /> <br /> Fix this by resetting the per-IO cancel flags immediately when each IO<br /> is fetched instead of waiting for all IOs for the queue (which may never<br /> happen).

Impacto