CVE-2026-46274: io-wq: check that the predecessor is hashed in io_wq_remove_pending()
In the Linux kernel, the following vulnerability has been resolved:

io-wq: check that the predecessor is hashed in io_wq_remove_pending()

io_wq_remove_pending() needs to fix up wq->hash_tail[] if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in acct->work_list has the same hash value, but never checks that the predecessor is hashed at all. io_get_work_hash() is simply atomic_read(&work->flags) >> IO_WQ_HASH_SHIFT, and the hash bits are never set for non-hashed work, so it returns 0.

Thus, when a hashed bucket-0 work is cancelled while a non-hashed work is its list predecessor, the check spuriously passes and a pointer to the non-hashed io_kiocb is stored in wq->hash_tail[0]. Because non-hashed work is dequeued via the fast path in io_get_next_work(), which never touches hash_tail[], the stale pointer is never cleared. Therefore, after the non-hashed io_kiocb completes and is freed back to req_cachep, wq->hash_tail[0] is a dangling pointer.

The io_wq is per-task (tctx->io_wq) and survives ring open/close, so the dangling pointer persists for the lifetime of the task; the next hashed bucket-0 enqueue dereferences it in io_wq_insert_work() and wq_list_add_after() writes through freed memory.

Add the missing io_wq_is_hashed() check so a non-hashed predecessor never inherits a hash_tail[] slot.
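As an added illustration, not the kernel's code or the patch itself, the following constructed user-space model replays the hash_tail[] fix-up on the advisory's scenario with the buggy and the patched predecessor check side by side. The flag values, bucket count and struct layout are assumptions made for the model.

```c
/* Constructed user-space model of the io-wq hash_tail[] fix-up described in
 * the advisory; not kernel code. The flag values are assumed. */
#include <stdint.h>

#define IO_WQ_HASH_SHIFT  24   /* assumed: hash lives in the top flag bits */
#define IO_WQ_WORK_HASHED 2    /* assumed: the "hashed" flag bit */
#define NR_BUCKETS        64   /* model size only */

struct work {
    uint32_t flags;      /* stands in for the atomic work->flags */
    struct work *next;   /* stands in for work->list in acct->work_list */
};
struct wq { struct work *hash_tail[NR_BUCKETS]; };

/* io_get_work_hash(): just the shifted flags, so 0 for non-hashed work. */
static unsigned int get_work_hash(const struct work *w) { return w->flags >> IO_WQ_HASH_SHIFT; }

/* io_wq_is_hashed(): the check the buggy predecessor test omitted. */
static int is_hashed(const struct work *w) { return (w->flags & IO_WQ_WORK_HASHED) != 0; }

/* Unlink 'work' (list predecessor 'prev') and fix up hash_tail[].
 * fixed == 0 models the buggy check, fixed == 1 the patched one. */
static void remove_pending(struct wq *wq, struct work *work, struct work *prev, int fixed)
{
    unsigned int hash = get_work_hash(work);
    if (is_hashed(work) && work == wq->hash_tail[hash]) {
        int inherit = prev && get_work_hash(prev) == hash;
        if (fixed)                    /* the patch: predecessor must be hashed too */
            inherit = inherit && is_hashed(prev);
        wq->hash_tail[hash] = inherit ? prev : 0;
    }
    if (prev)
        prev->next = work->next;
}

/* Advisory scenario: cancel a hashed bucket-0 work whose predecessor is either
 * hashed (bucket 0) or plain. Returns 1 if hash_tail[0] now points at the
 * predecessor, 0 if it was cleared; a plain predecessor must never yield 1. */
static int prev_becomes_tail(int prev_hashed, int fixed)
{
    struct work prev = { prev_hashed ? IO_WQ_WORK_HASHED : 0, 0 };
    struct work hashed0 = { IO_WQ_WORK_HASHED, 0 };   /* hash bits 0 = bucket 0 */
    struct wq wq = { { 0 } };
    prev.next = &hashed0;
    wq.hash_tail[0] = &hashed0;
    remove_pending(&wq, &hashed0, &prev, fixed);
    return wq.hash_tail[0] == &prev;
}
```

With the buggy check a plain predecessor is stored in hash_tail[0], which in the kernel is the pointer that later dangles; with the patched check the slot is cleared, while a genuinely hashed bucket-0 predecessor is still inherited by both versions.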
Metrics
- CVSS v3.1: 7.8
- Severity: HIGH
- Fixed in: 0
- Affected Products: 2
HarborGuard Analysis
Synopsis
A use-after-free vulnerability exists in the Linux kernel's io-wq (io_uring work queue) subsystem, reachable by a local user with a low-privilege account. The bug arises when a hashed bucket-0 work item is cancelled while a non-hashed predecessor sits immediately before it in the work list; a missing hash check causes a dangling pointer to be stored in wq->hash_tail[0], which persists for the lifetime of the task. When the next hashed bucket-0 item is enqueued, the kernel dereferences the freed memory, giving an attacker the ability to read arbitrary kernel memory, corrupt kernel data structures, or crash the system. A patched-image rebuild at the fix versions is available on HarborGuard for environments running affected kernel versions.
HarborGuard Coverage
Detection is available across every HarborGuard environment; the CVE is ingested from upstream Linux kernel security feeds within minutes of publication and matched against customer images, including custom-built images that package an affected kernel version. Images in both registry scans and active CI/CD pipelines are covered.
HarborGuard scores this CVE at CVSS 7.8 (HIGH) and weights it against each environment's compliance policy to determine urgency and routing. Triage findings are delivered to the inbox or ticketing integration configured for each customer org, ensuring the right team sees the alert without manual filtering.
A patched-image rebuild at the fixed kernel commits (including stable branch 6.6.141 and commit 252c5051dba9c709b6a72f2866f93e5e618b3f06) becomes available on HarborGuard for environments confirmed to be running an affected version. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs regression tests, and opens a PR against affected workloads automatically.
Exploit Conditions
- Network reachability: Not required
The attacker needs an existing shell or process on the host; no network access to the vulnerable service is required.
- Authentication: Required
Any low-privilege local account is sufficient to trigger the vulnerable io_uring work queue code path.
- Victim interaction: Not required
No user interaction is needed; the attacker can trigger the bug entirely through their own process without involving another user.
- Attack complexity: Low
Attack complexity is low, meaning the exploit is reliable and requires no special race-condition timing or unusual environmental conditions.
Blast Radius
- Reads arbitrary kernel memory, exposing sensitive data such as cryptographic keys, process credentials, or other in-kernel structures.
- Corrupts kernel data structures by writing through freed memory, enabling privilege escalation to root.
- Crashes the affected kernel, causing a full system denial of service for all processes on the host.
- The dangling pointer persists for the lifetime of the task, so exploitation windows extend well beyond the initial triggering operation.
How HarborGuard Handles This
Available on HarborGuard: this CVE is matched against images in customer registries and pipelines as soon as it is ingested, which typically occurs within minutes of upstream publication. Where a fixed kernel version (stable tag 6.6.141 or the upstream commits listed in the advisory) is available in the base image, a patched rebuild is made available automatically. For customers with auto-remediation enabled, HarborGuard rebuilds the image at the patched version, runs regression tests, and opens a PR against affected workloads; median time from CVE publication to merged patch PR for high-severity issues is around 90 minutes in those environments. For environments where a base-image upgrade is not immediately possible, compensating controls such as restricting io_uring access via seccomp or the kernel.io_uring_disabled sysctl, tightening container security profiles, and isolating workloads at the network-policy layer are worth evaluating while the patch is staged.
Fix available
- Linux / Linux: < d6bda9df0c0a3080804181464d5c0f4d78a4e769 (from 204361a77f4018627addd4a06877448f088ddfc0) · < 5a20ebf0c81b61f5ea3b1b529c100cad69b9f603 (from 204361a77f4018627addd4a06877448f088ddfc0) · < 252c5051dba9c709b6a72f2866f93e5e618b3f06 (from 204361a77f4018627addd4a06877448f088ddfc0) · < d376c131af7c7739a87ff037ed2fdb67c2542c8a (from 204361a77f4018627addd4a06877448f088ddfc0) · < d6a2d7b04b5a093021a7a0e2e69e9d5237dfa8cc (from 204361a77f4018627addd4a06877448f088ddfc0) · 13f35a2c0fd5c6a4fcd8903542b053bcc914fcf5
- Linux / Linux 5.9: Fixed in 0, 6.6.141, 6.12.91, 6.18.33, 7.0.10, 7.1-rc4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H