In the Linux kernel, the following vulnerability has been resolved:

io_uring/zcrx: fix post open error handling

Closing a queue doesn't guarantee that all associated page pools are
terminated right away, let the refcounting do the work instead of
releasing the zcrx ctx directly.