CVE-2025-68317

Summary

In the Linux kernel, the following vulnerability has been resolved:

io_uring/zctx: check chained notif contexts

Send zc only links ubuf_info for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6fe4220912d19152a26ce19713ab232f4263018d < aaafd17d3f4be2c15539359a5b4bfa00237f687faffected
LinuxLinux6fe4220912d19152a26ce19713ab232f4263018d < d664a3ce3a604231a0b144c152a3755d03b18b60affected
LinuxLinux6fe4220912d19152a26ce19713ab232f4263018d < ab3ea6eac5f45669b091309f592c4ea324003053affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References