7.8

CVE-2025-40364

io_uring: fix io_req_prep_async with provided buffers

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix io_req_prep_async with provided buffers

io_req_prep_async() can import provided buffers, commit the ring state
by giving up on that before, it'll be reimported later if needed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.19 < 6.1.129
LinuxLinux Kernel Version >= 6.2 < 6.6.78
LinuxLinux Kernel Version >= 6.7 < 6.12.14
LinuxLinux Kernel Version >= 6.13 < 6.13.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.162
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/a1b17713b32c75a90132ea2f92b1257f3bbc20f3
Patch
https://git.kernel.org/stable/c/a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3
Patch
https://git.kernel.org/stable/c/233b210a678bddf8b49b02a070074a52b87e6d43
Patch
https://git.kernel.org/stable/c/35ae7910c349fb3c60439992e2e0e79061e95382
Patch
https://git.kernel.org/stable/c/b86f1d51731e621e83305dc9564ae14c9ef752bf
Patch
https://git.kernel.org/stable/c/d63b0e8a628e62ca85a0f7915230186bb92f8bb4
Patch
https://git.kernel.org/stable/c/f0ef94553868d07c1b14d7743a7e2553e5a831a3
Patch