-
CVE-2025-68814
- EPSS 0.07%
- Veröffentlicht 13.01.2026 15:29:19
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
io_uring: fix filename leak in __io_openat_prep()
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak. Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
2420ef01b2e836fbc05a0a8c73a1016504eb0458
Status
affected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
8f44c4a550570cd5903625133f938c6b51310c9b
Status
affected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
18b99fa603d0df5e1c898699c17d3b92ddc80746
Status
affected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
e232269d511566b1f80872256a48593acc1becf4
Status
affected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
7fbfb85b05bc960cc50e09d03e5e562131e48d45
Status
affected
Version
b9445598d8c60a1379887b957024b71343965f74
Version <
b14fad555302a2104948feaff70503b64c80ac01
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.15
Status
affected
Version
0
Version <
5.15
Status
unaffected
Version <=
5.15.*
Version
5.15.198
Status
unaffected
Version <=
6.1.*
Version
6.1.160
Status
unaffected
Version <=
6.6.*
Version
6.6.120
Status
unaffected
Version <=
6.12.*
Version
6.12.64
Status
unaffected
Version <=
6.18.*
Version
6.18.3
Status
unaffected
Version <=
*
Version
6.19
Status
unaffected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.21 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|