Linux Kernel uid Memory Leak Vulnerability in io_uring Files Registration

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's io_uring file registration process. When the function __io_sqe_files_scm() has no files to process, it correctly frees resources but fails to properly manage the user ID, leading to a memory leak.

Impact

Exploitation of this vulnerability causes a memory leak, which can lead to increased memory usage and potential degradation of system performance.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel uid Memory Leak Vulnerability in io_uring Files Registration

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating