CVE-2026-53124
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
24/06/2026
Última modificación:
24/06/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ublk: reset per-IO canceled flag on each fetch<br />
<br />
If a ublk server starts recovering devices but dies before issuing fetch<br />
commands for all IOs, cancellation of the fetch commands that were<br />
successfully issued may never complete. This is because the per-IO<br />
canceled flag can remain set even after the fetch for that IO has been<br />
submitted - the per-IO canceled flags for all IOs in a queue are reset<br />
together only once all IOs for that queue have been fetched. So if a<br />
nonempty proper subset of the IOs for a queue are fetched when the ublk<br />
server dies, the IOs in that subset will never successfully be canceled,<br />
as their canceled flags remain set, and this prevents ublk_cancel_cmd<br />
from actually calling io_uring_cmd_done on the commands, despite the<br />
fact that they are outstanding.<br />
<br />
Fix this by resetting the per-IO cancel flags immediately when each IO<br />
is fetched instead of waiting for all IOs for the queue (which may never<br />
happen).



