CVE-2026-43442

A flaw was found in the Linux kernel's io_uring subsystem. An incorrect bounds check for 128-byte Submission Queue Entry (SQE) operations, when IORING_SETUP_SQE_MIXED is used without IORING_SETUP_NO_SQARRAY, allows an unprivileged local user to remap logical SQE positions to arbitrary physical indices. This can lead to an out-of-bounds read, potentially disclosing sensitive information from kernel memory.