Volerion logoVolerion
Volerion logoVolerion

Linux Kernel io_uring Deferment of fsnotify Calls Vulnerability

Vulnerability

A vulnerability in the Linux kernel's io_uring implementation has been addressed. The issue involved improperly timed fsnotify calls, which could occur during the completion of I/O requests, potentially leading to disruptions in interrupt handling. This vulnerability was present in the Linux kernel stable tree.

Impact

The vulnerability could cause a misuse of the fsnotify mechanism, leading to improper file notification handling, which is crucial for file system event monitoring.

Reproduction

The vulnerability can be reproduced by performing I/O operations using io_uring in a context that involves file notifications. The fsnotify calls can be observed in the task context, where they may interfere with normal interrupt processing.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been fixed.

Added: Dec 24, 2025, 1:32 PM
Updated: Dec 24, 2025, 1:32 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
1.7
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.