Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's io_uring implementation has been addressed. The issue arose from the io_estimate_bvec_size() function, which improperly truncated the calculated number of segments. This truncation could lead to data corruption by overflowing the 'int' values used in subsequent operations. The vulnerability has been fixed by ensuring that the segment count does not exceed the maximum limit for integers.
The vulnerability could cause data corruption by allowing the segment count to overflow, potentially leading to undefined behavior or memory-related issues.
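The truncation pattern and the clamp-to-integer-maximum fix described above, as an added C illustration that is not the kernel's code. The function names, the 64-bit count and the 4 KiB segment size are assumptions made for the example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed 4 KiB segment size; illustrative, not taken from the kernel. */
#define SEG_SHIFT 12
#define SEG_MASK  ((1ULL << SEG_SHIFT) - 1)

/* Hypothetical helper: segments needed to cover total_len bytes (round up). */
static uint64_t segs_needed(uint64_t total_len)
{
    return (total_len >> SEG_SHIFT) + ((total_len & SEG_MASK) != 0);
}

/* "Before" pattern: the 64-bit count is narrowed to int unchecked.
 * gcc and clang keep the low 32 bits, so large counts wrap or go negative. */
static int estimate_segs_truncating(uint64_t total_len)
{
    return (int)segs_needed(total_len);
}

/* "After" pattern: cap the count at INT_MAX before narrowing, so the
 * result is always a valid, non-negative int. */
static int estimate_segs_clamped(uint64_t total_len)
{
    uint64_t n = segs_needed(total_len);
    return n > (uint64_t)INT_MAX ? INT_MAX : (int)n;
}

int main(void)
{
    /* Constructed inputs: an ordinary length, then lengths whose segment
     * counts are 2^31 + 5 and 2^32 + 3. */
    const uint64_t lens[] = {
        3 * 4096ULL + 1,
        ((1ULL << 31) + 5) << SEG_SHIFT,
        ((1ULL << 32) + 3) << SEG_SHIFT,
    };
    for (size_t i = 0; i < sizeof(lens) / sizeof(lens[0]); i++)
        printf("len=%llu needed=%llu truncating=%d clamped=%d\n",
               (unsigned long long)lens[i],
               (unsigned long long)segs_needed(lens[i]),
               estimate_segs_truncating(lens[i]),
               estimate_segs_clamped(lens[i]));
    return 0;
}
```

A truncated count that comes back small and positive is the dangerous case, because later sizing arithmetic accepts it without complaint.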
Users can upgrade to the latest version of the Linux kernel to address this vulnerability. The patched version is included in the official Linux kernel stable releases.