Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: ensure allocated iovec gets cleared for early failure A previous commit reused the recyling infrastructure for early cleanup, but this is not enough for the case where our internal caches have overflowed. If this happens, then the allocated iovec can get leaked if the request is also aborted early. Reinstate the previous forced free of the iovec for that situation.

INFO

Published Date :

2025-12-06T21:50:47.614Z

Last Modified :

2025-12-06T21:50:47.614Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40267 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40267.

URL Resource
https://git.kernel.org/stable/c/094c6467fe05e0de618c5a7fcff4d3ee20aeaef8 cve-icon cve-icon
https://git.kernel.org/stable/c/d3c9c213c0b86ac5dd8fe2c53c24db20f1f510bc cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120714-CVE-2025-40267-4904@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-40267 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-40267 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact