CVE-2025-40267 io_uring/rw: ensure allocated iovec gets cleared for early failure

🗓️ 06 Dec 2025 21:50:47Reported by LinuxType

CVE-2025-40267 fixes failure cleanup by clearing and freeing iovec to prevent leaks when caches overflow.

Reporter	Title	Published	Views	Family All 127
AstraLinux	Astra Linux - уязвимость в linux-5.10	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	6 Dec 202500:00	–	cnnvd
CVE	CVE-2025-40267	6 Dec 202521:50	–	cve
Debian CVE	CVE-2025-40267	6 Dec 202521:50	–	debiancve
EUVD	EUVD-2025-201588	7 Dec 202500:30	–	euvd
NVD	CVE-2025-40267	6 Dec 202522:15	–	nvd
OSV	BELL-CVE-2025-40267 CVE-2025-40267 does not affect BellSoft software	9 Dec 202506:06	–	osv
OSV	CVE-2025-40267 io_uring/rw: ensure allocated iovec gets cleared for early failure	6 Dec 202521:50	–	osv
OSV	DEBIAN-CVE-2025-40267	6 Dec 202522:15	–	osv
OSV	UBUNTU-CVE-2025-40267	6 Dec 202522:15	–	osv

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "io_uring/rw.c"
    ],
    "versions": [
      {
        "version": "9ac273ae3dc296905b4d61e4c8e7a25592f6d183",
        "lessThan": "094c6467fe05e0de618c5a7fcff4d3ee20aeaef8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9ac273ae3dc296905b4d61e4c8e7a25592f6d183",
        "lessThan": "d3c9c213c0b86ac5dd8fe2c53c24db20f1f510bc",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "io_uring/rw.c"
    ],
    "versions": [
      {
        "version": "6.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.14",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.17.9",
        "lessThanOrEqual": "6.17.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/094c6467fe05e0de618c5a7fcff4d3ee20aeaef8
git	www.git.kernel.org/stable/c/d3c9c213c0b86ac5dd8fe2c53c24db20f1f510bc

11 May 2026 21:46Current

EPSS0.00026