Linux Kernel io_uring Command Network Argument Type Misalignment Vulnerability

Vulnerability

A vulnerability in the Linux kernel's io_uring command network handling has been addressed. The arguments passed to the skb_queue_splice() function did not line up with the argument types the function expects, so socket buffer (SKB) lists were spliced improperly. When timestamp retrieval needed to be retried and the local SKB list already contained entries, the data was spliced in the wrong direction, disrupting the intended flow. This vulnerability affects the stable version of the Linux kernel.
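The splice direction described above can be seen in a small user-space model. This is an added example, not kernel code and not taken from the fix: toy_queue, toy_splice and retry_requeue are hypothetical names, the queues hold constructed integer ids instead of SKBs, and only the argument order (source list first, destination head second) mirrors skb_queue_splice().

```c
#include <stdio.h>
#include <string.h>

#define QCAP 8

/* Toy stand-in for an SKB queue: holds integer ids, not real socket buffers. */
struct toy_queue { int ids[QCAP]; int len; };

/* Same argument order as skb_queue_splice(list, head): the entries of `list`
 * are joined at the front of `head`. Simplification: `list` is emptied. */
static void toy_splice(struct toy_queue *list, struct toy_queue *head)
{
    if (list->len + head->len > QCAP)
        return;                       /* toy capacity guard, not kernel behaviour */
    memmove(head->ids + list->len, head->ids, head->len * sizeof(int));
    memcpy(head->ids, list->ids, list->len * sizeof(int));
    head->len += list->len;
    list->len = 0;
}

/* Retry path model: `local` holds timestamp entries that were not delivered
 * and must be handed back to the shared queue `q` before the retry.
 * Assumption: `q` stands for the socket-side list the entries came from.
 * Returns the number of entries on `q` afterwards. */
static int retry_requeue(int swapped)
{
    struct toy_queue q = { {30}, 1 };          /* constructed: one entry still queued */
    struct toy_queue local = { {10, 20}, 2 };  /* constructed: two entries pending */

    if (swapped)
        toy_splice(&q, &local);   /* wrong direction: drains q into the local list */
    else
        toy_splice(&local, &q);   /* intended: pending entries go back onto q */
    return q.len;
}

int main(void)
{
    printf("intended order: %d entries on shared queue\n", retry_requeue(0));
    printf("swapped order:  %d entries on shared queue\n", retry_requeue(1));
    return 0;
}
```

With the arguments swapped, the shared queue ends up empty and every entry sits on the function-local list, which is the opposite of what the retry path needs.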

Impact

The vulnerability could cause incorrect handling of socket buffer timestamps, potentially leading to issues in network communication or performance.

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: Dec 16, 2025, 4:03 PM
Updated: Dec 16, 2025, 4:03 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.3
remediation: 7.7
relevance: 1.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.