CVE-2025-21836
Published Mar 7, 2025
Last updated 3 months ago
AI description
CVE-2025-21836 is a vulnerability in the Linux kernel's io_uring subsystem, specifically within the handling of buffer lists. The vulnerability arises from the `IORING_REGISTER_PBUF_RING` functionality, where an old `struct io_buffer_list` could be reused if it was initially created for a legacy selected buffer and has since been emptied. This reuse violates the requirement that most fields within the structure should remain stable after publication. The core issue lies in the `iouring/kbuf` component, where the incorrect reuse of the `io_buffer_list` can lead to instability and unexpected behavior within the io_uring subsystem. A patch has been implemented to address this by ensuring that buffer lists are always reallocated instead of being reused.
- Description
- In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field should stay stable after publish. Always reallocate it instead.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Received
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
18