Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: always do atomic put from iowq io_uring always switches requests to atomic refcounting for iowq execution before there is any parallilism by setting REQ_F_REFCOUNT, and the flag is not cleared until the request completes. That should be fine as long as the compiler doesn't make up a non existing value for the flags, however KCSAN still complains when the request owner changes oter flag bits: BUG: KCSAN: data-race in io_req_task_cancel / io_wq_free_work ... read to 0xffff888117207448 of 8 bytes by task 3871 on cpu 0: req_ref_put_and_test io_uring/refs.h:22 [inline] Skip REQ_F_REFCOUNT checks for iowq, we know it's set.

INFO

Published Date :

2025-05-08T06:26:04.461Z

Last Modified :

2025-05-12T14:19:31.108Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-37804 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-37804.

URL Resource
https://git.kernel.org/stable/c/3568fd9e440ea393c7d8bee253419ea11fd8e9d9 cve-icon cve-icon
https://git.kernel.org/stable/c/390513642ee6763c7ada07f0a1470474986e6c1c cve-icon cve-icon
https://git.kernel.org/stable/c/6d2753b46452a557a12f7ef1ef4ee6641b4e89d8 cve-icon cve-icon
https://git.kernel.org/stable/c/c5d4d103005d8926cdad344f9fc947e651c9f2f7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050814-CVE-2025-37804-9c2b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-37804 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-37804 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact