Description

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, ep_free() in eventpoll.c will kfree the epi->ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree() to an RCU callback to prevent UAF.

INFO

Published Date :

2026-05-06T07:21:58.210Z

Last Modified :

2026-05-08T12:40:22.201Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43074 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43074.

URL Resource
https://git.kernel.org/stable/c/07712db80857d5d09ae08f3df85a708ecfc3b61f cve-icon cve-icon
https://git.kernel.org/stable/c/5b1173b165421561db29f30afc7e97d940a398a9 cve-icon cve-icon
https://git.kernel.org/stable/c/7e8083f5eeedab0f460063b9c2c14c9a4e71a427 cve-icon cve-icon
https://git.kernel.org/stable/c/a6566cd33f6f967a7651ebf2ce0dd31572e319cf cve-icon cve-icon
https://git.kernel.org/stable/c/ae0bb9c1fb7c2594519aeeb096cf2c3b7837b322 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050601-CVE-2026-43074-ac01@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43074 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43074 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact