Linux Kernel Vulnerability Affecting io_uring Buffer Management
CVE-2025-21836

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 March 2025

Summary

A vulnerability in the Linux kernel affects the io_uring module, where the IORING_REGISTER_PBUF_RING operation risks reusing an old structure if created for a legacy selected buffer that has been emptied. This behavior contradicts the stability requirement of its fields after publication, potentially leading to security weaknesses. To address this, the kernel has been updated to ensure that the buffer list is always reallocated, eliminating the risks associated with this instability.

Affected Version(s)

Linux 2fcabce2d7d34f69a888146dab15b36a917f09d4 < 146a185f6c05ee263db715f860620606303c4633

Linux 2fcabce2d7d34f69a888146dab15b36a917f09d4 < 7d0dc28dae836caf7645fef62a10befc624dd17b

Linux 2fcabce2d7d34f69a888146dab15b36a917f09d4 < 2a5febbef40ce968e295a7aeaa5d5cbd9e3e5ad4

References

https://git.kernel.org/stable/c/146a185f6c05ee263db715f86...

https://git.kernel.org/stable/c/7d0dc28dae836caf7645fef62...

https://git.kernel.org/stable/c/2a5febbef40ce968e295a7aea...

Timeline

Vulnerability published
Mar 7, 2025
Vulnerability Reserved
Dec 29, 2024