Linux Kernel io_uring Buffer Reallocation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's io_uring buffer management has been addressed. The issue arose because the IORING_REGISTER_PBUF_RING operation could reuse an old io_buffer_list structure that was originally created for legacy selected buffers and had been emptied. This behavior violated the requirement that most fields should remain stable after publication. The vulnerability has been resolved by ensuring that the buffer lists are always reallocated upon upgrade.

Impact

Exploitation of this vulnerability could lead to unintended behavior in buffer management, potentially causing data corruption or instability in applications using io_uring.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel io_uring Buffer Reallocation Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating