Linux Kernel Vulnerability in io_uring Buffer Handling
CVE-2025-39822
What is CVE-2025-39822?
A vulnerability exists in the Linux kernel's io_uring buffer handling. It stems from a signedness mismatch on the buffer length ('buf->len'): the length is treated as an unsigned value, but it is converted to a signed integer on commit. This can lead to overflow issues with large buffers, because a large enough length is interpreted as a negative value, resulting in unintended behavior and potential security risks. The issue has been addressed by making the min_t calculation unsigned, so that large buffer sizes are no longer interpreted as negative values.
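
The signedness problem described above can be reproduced in a few lines of user-space C. This is an added illustration, not kernel source: `struct model_buf`, `commit_signed`, `commit_unsigned` and the 3 GiB length are constructed for the example, and `min_t` is a simplified form of the kernel helper of the same name.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified min_t(): cast both operands to `type`, then compare. */
#define min_t(type, a, b) ((type)(a) < (type)(b) ? (type)(a) : (type)(b))

/* Hypothetical stand-in for one provided-buffer entry. */
struct model_buf {
    uint32_t len;   /* treated as unsigned everywhere except the signed commit */
};

/*
 * Commit with a signed comparison. A length above INT_MAX becomes negative
 * after the cast (two's-complement wrap on GCC/Clang), so it always "wins"
 * the min and is then stored back into an unsigned variable.
 */
static uint32_t commit_signed(struct model_buf *buf, int len)
{
    uint32_t this_len = min_t(int, len, buf->len);
    buf->len -= this_len;
    return this_len;
}

/* Commit with the comparison kept unsigned, as the fix describes. */
static uint32_t commit_unsigned(struct model_buf *buf, int len)
{
    uint32_t this_len = min_t(uint32_t, len, buf->len);
    buf->len -= this_len;
    return this_len;
}

int main(void)
{
    struct model_buf a = { .len = 0xC0000000u };  /* constructed: 3 GiB buffer */
    struct model_buf b = { .len = 0xC0000000u };
    uint32_t s = commit_signed(&a, 4096);         /* only 4096 bytes were used */
    uint32_t u = commit_unsigned(&b, 4096);

    printf("signed:   consumed %u, remaining %u\n", (unsigned)s, (unsigned)a.len);
    printf("unsigned: consumed %u, remaining %u\n", (unsigned)u, (unsigned)b.len);
    return 0;
}
```

With the signed comparison the whole 3 GiB buffer is accounted as consumed after a 4096-byte transfer; with the unsigned comparison only 4096 bytes are.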

Affected Version(s)
Linux cf9536e550dd243a1681fdbf804221527da20a80
Linux 6.15