Buffer Overflow Vulnerability in Linux Kernel's io_uring System by Google
CVE-2025-38196
Currently unrated
What is CVE-2025-38196?
A vulnerability exists in the Linux kernel's io_uring system, where insufficient validation of buffer counts during cloning can lead to a buffer overflow. Syzbot reports that it can trigger a warning for an excessively large memory allocation attempt, because the buffer offset plus count is not checked against the maximum allowed limit. This flaw can result in unnecessary warnings and potentially impact system performance; the offset plus count must therefore be validated against IORING_MAX_REG_BUFFERS to prevent accessing buffers that cannot be reached.
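The check described above, shown as an added user-space C illustration (not the kernel's code or the upstream patch): a count-only comparison beside one that bounds offset plus count and rejects wraparound. The function names, the MAX_REG_BUFFERS macro and the value given to it are assumptions made for this example.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>

/* Assumed value for this illustration; the page names the limit, not its size. */
#define MAX_REG_BUFFERS (1U << 14)

/* Weak form: only the count is compared with the limit, so a large
 * destination offset still implies a table far beyond it. */
static int check_count_only(unsigned int dst_off, unsigned int nr)
{
    (void)dst_off;              /* offset is ignored: this is the gap */
    if (nr > MAX_REG_BUFFERS)
        return -EINVAL;
    return 0;
}

/* Hardened form: reject unsigned wraparound first, then bound the sum. */
static int check_offset_plus_count(unsigned int dst_off, unsigned int nr)
{
    if (nr > UINT_MAX - dst_off)        /* dst_off + nr would wrap */
        return -EOVERFLOW;
    if (dst_off + nr > MAX_REG_BUFFERS) /* slots past the limit are unreachable */
        return -EINVAL;
    return 0;
}

int main(void)
{
    /* Constructed inputs: {offset, count} pairs around the boundary. */
    static const unsigned int cases[][2] = {
        {0, 16},
        {MAX_REG_BUFFERS - 1, 1},
        {MAX_REG_BUFFERS, 1},
        {1U << 30, 1},
        {UINT_MAX, 2},
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("off=%u nr=%u count_only=%d offset_plus_count=%d\n",
               cases[i][0], cases[i][1],
               check_count_only(cases[i][0], cases[i][1]),
               check_offset_plus_count(cases[i][0], cases[i][1]));
    return 0;
}
```

The wraparound test comes before the addition so that a sum which overflows the integer type cannot slip under the limit.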
Affected Version(s)
Linux b16e920a1909da6799c43000db730d8fcdcae907 < 0e23ac818f3afb16660b0ba384875d56a7013879
Linux b16e920a1909da6799c43000db730d8fcdcae907 < 1d27f11bf02b38c431e49a17dee5c10a2b4c2e28
Linux 6.13