CVE-2025-68805
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
fuse: fix io-uring list corruption for terminated non-committed requests
When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to list corruption and use-after-free issues.
Remove the request from the queue's list for terminated non-committed requests.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c090c8abae4b6b77a1bee116aa6c385456ebef96 < a6d1f1ace16d0e777a85f84267160052d3499b6e | affected |
| Linux | Linux | c090c8abae4b6b77a1bee116aa6c385456ebef96 < 95c39eef7c2b666026c69ab5b30471da94ea2874 | affected |
| Linux | Linux | 6.14 | affected |
| Linux | Linux | 0 < 6.14 | unaffected |
| Linux | Linux | 6.18.3 <= 6.18.* | unaffected |
| Linux | Linux | 6.19 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/a6d1f1ace16d0e777a85f84267160052d3499b6e
- https://git.kernel.org/stable/c/95c39eef7c2b666026c69ab5b30471da94ea2874
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.