Linux Kernel Vulnerability in io_uring Handling by Kernel.org
CVE-2025-38002

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
6 June 2025

What is CVE-2025-38002?

This vulnerability in the Linux kernel relates to improper handling of locks around the io_uring fdinfo interface. Specifically, the context's uring_lock was not consistently held, which can lead to race conditions when Submission Queue Entries (SQEs) are read while the ring is being resized. The fix takes uring_lock with a trylock: if the lock cannot be acquired, the fdinfo handler returns without producing output, which prevents the resulting stability issues.
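The trylock-or-skip pattern described above, as an added user-space sketch; it is not the kernel patch or any code from kernel.org. The struct, the function names and the output format are hypothetical, and a C11 atomic_flag stands in for the kernel's uring_lock.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical user-space stand-in for an io_uring context; not kernel code. */
struct ring_ctx {
    atomic_flag uring_lock;  /* plays the role of the context's uring_lock */
    unsigned    sq_entries;
    unsigned   *sqes;        /* replaced and freed on resize */
};
static bool ring_trylock(struct ring_ctx *c) {
    return !atomic_flag_test_and_set_explicit(&c->uring_lock, memory_order_acquire);
}
static void ring_unlock(struct ring_ctx *c) {
    atomic_flag_clear_explicit(&c->uring_lock, memory_order_release);
}

/* Resize: swap in the new array and free the old one only while holding the lock. */
static int ring_resize(struct ring_ctx *c, unsigned n) {
    unsigned *new_sqes = calloc(n, sizeof(*new_sqes));
    if (!new_sqes) return -1;
    while (!ring_trylock(c)) ;   /* the writer waits; only the reader gives up */
    free(c->sqes);
    c->sqes = new_sqes;
    c->sq_entries = n;
    ring_unlock(c);
    return 0;
}

/* fdinfo-style reader: returns bytes written, or 0 when the lock is contended. */
static int ring_show(struct ring_ctx *c, char *buf, size_t len) {
    if (!ring_trylock(c)) return 0;   /* a resize may be in flight: emit nothing */
    int off = snprintf(buf, len, "sq_entries: %u\n", c->sq_entries);
    for (unsigned i = 0; i < c->sq_entries && (size_t)off < len; i++)
        off += snprintf(buf + off, len - off, "%u: %u\n", i, c->sqes[i]);
    ring_unlock(c);
    if ((size_t)off >= len) off = len ? (int)len - 1 : 0;  /* output was truncated */
    return off;
}

int main(void) {
    struct ring_ctx c = { ATOMIC_FLAG_INIT, 0, NULL };
    char buf[64];
    ring_resize(&c, 2);
    printf("idle: %d bytes\n", ring_show(&c, buf, sizeof buf));
    ring_trylock(&c);            /* constructed state: a resize holds the lock */
    printf("busy: %d bytes\n", ring_show(&c, buf, sizeof buf));
    free(c.sqes);
}
```

The reader never touches `sqes` unless it owns the lock, so it cannot observe an array that a concurrent resize is about to free; the cost is that a contended read yields empty output rather than a blocked caller.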

Affected Version(s)

Linux 79cfe9e59c2a12c3b3faeeefe38d23f3d8030972

Linux 6.13

Timeline

  • Vulnerability published

  • Vulnerability Reserved
