-

CVE-2025-68814

EPSS 0.03%
Veröffentlicht 13.01.2026 15:29:19
Zuletzt bearbeitet 19.01.2026 13:16:15
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix filename leak in __io_openat_prep()

 __io_openat_prep() allocates a struct filename using getname(). However,
for the condition of the file being installed in the fixed file table as
well as having O_CLOEXEC flag set, the function returns early. At that
point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this,
the memory for the newly allocated struct filename is not cleaned up,
causing a memory leak.

Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the
successful getname() call, so that when the request is torn down, the
filename will be cleaned up, along with other resources needing cleanup.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 2420ef01b2e836fbc05a0a8c73a1016504eb0458

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

Version < 8f44c4a550570cd5903625133f938c6b51310c9b

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

Version < 18b99fa603d0df5e1c898699c17d3b92ddc80746

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

Version < e232269d511566b1f80872256a48593acc1becf4

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

Version < 7fbfb85b05bc960cc50e09d03e5e562131e48d45

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

Version < b14fad555302a2104948feaff70503b64c80ac01

Version b9445598d8c60a1379887b957024b71343965f74

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.198

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.64

Status unaffected

Version <= 6.18.*

Version 6.18.3

Status unaffected

Version <= *

Version 6.19-rc3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.088

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/8f44c4a550570cd5903625133f938c6b51310c9b

https://git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746

https://git.kernel.org/stable/c/e232269d511566b1f80872256a48593acc1becf4

https://git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45

https://git.kernel.org/stable/c/b14fad555302a2104948feaff70503b64c80ac01

https://git.kernel.org/stable/c/2420ef01b2e836fbc05a0a8c73a1016504eb0458

https://nvd.nist.gov/vuln/detail/CVE-2025-68814

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68814

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68814

EUVD