CVE-2025-68294

io_uring/net: ensure vectored buffer node import is tied to notification

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification io_kiocb, sr->notif. For non-vectored imports, sr->notif is correctly used. This is important as the lifetime of the two may be different. Use the correct io_kiocb for the vectored buffer import.

INFO

Published Date :

2025-12-16T15:06:14.177Z

Last Modified :

2025-12-16T15:06:14.177Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2025-68294 vulnerability.

Vendors	Products
Linux	Linux Kernel

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-68294.

URL	Resource
https://git.kernel.org/stable/c/14459281e027f23b70885c1cc1032a71c0efd8d7
https://git.kernel.org/stable/c/f6041803a831266a2a5a5b5af66f7de0845bcbf3

CVE-2025-68294

io_uring/net: ensure vectored buffer node import is tied to notification

Description

INFO

2025-12-16T15:06:14.177Z

2025-12-16T15:06:14.177Z

Linux

AFFECTED PRODUCTS

REFERENCES

CVSS Vulnerability Scoring System