CVE-2025-40364

Summary

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix io_req_prep_async with provided buffers

io_req_prep_async() can import provided buffers, commit the ring state by giving up on that before, it'll be reimported later if needed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < 233b210a678bddf8b49b02a070074a52b87e6d43affected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < a1b17713b32c75a90132ea2f92b1257f3bbc20f3affected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < b86f1d51731e621e83305dc9564ae14c9ef752bfaffected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3affected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < 35ae7910c349fb3c60439992e2e0e79061e95382affected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < f0ef94553868d07c1b14d7743a7e2553e5a831a3affected
LinuxLinuxc7fb19428d67dd0a2a78a4f237af01d39c78dc5a < d63b0e8a628e62ca85a0f7915230186bb92f8bb4affected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux6.1.129 <= 6.1.*unaffected
LinuxLinux6.6.78 <= 6.6.*unaffected
LinuxLinux6.12.14 <= 6.12.*unaffected
LinuxLinux6.13.3 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

References