CVE-2025-38002
BaseFortify
Publication date: 2025-06-06
Last updated on: 2025-11-14
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.15 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's io_uring interface, specifically in the fdinfo functionality. The issue arises because the code does not consistently acquire the necessary uring_lock when reading SQE (Submission Queue Entry) fields, especially if the ring buffer is being resized concurrently. This can lead to inconsistent or incorrect information being read. The fix involves wrapping the entire io_uring_show_fdinfo() function in a trylock on uring_lock, which prevents output if the lock cannot be acquired, thereby avoiding the race condition.
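The trylock pattern described above, modelled in userspace C as an added example (not the kernel's code and not taken from this page). The names `struct ring`, `ring_resize` and `show_fdinfo` as used here are assumptions, and a C11 atomic flag stands in for `uring_lock`.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model, not kernel code. All names here are assumptions:
 * struct ring stands in for the io_uring context, the flag for uring_lock. */
struct ring {
    atomic_flag lock;
    unsigned entries;
    unsigned *sqes;                 /* replaced on resize */
};

static void ring_init(struct ring *r)
{
    atomic_flag_clear(&r->lock);
    r->entries = 0;
    r->sqes = NULL;
}
static bool ring_trylock(struct ring *r) { return !atomic_flag_test_and_set(&r->lock); }
static void ring_unlock(struct ring *r) { atomic_flag_clear(&r->lock); }

/* Resize swaps the array and the count together, under the lock. */
static int ring_resize(struct ring *r, unsigned n)
{
    unsigned *p = calloc(n, sizeof(*p));
    if (!p)
        return -1;
    while (!ring_trylock(r))
        ;                           /* the writer waits for the lock */
    free(r->sqes);
    r->sqes = p;
    r->entries = n;
    ring_unlock(r);
    return 0;
}

/* Reader shaped like the fix: one trylock around the whole function, and
 * no output at all when the lock is contended. Returns bytes written. */
static int show_fdinfo(struct ring *r, char *buf, size_t len)
{
    if (!ring_trylock(r))
        return 0;
    int n = snprintf(buf, len, "entries: %u\n", r->entries);
    for (unsigned i = 0; i < r->entries && (size_t)n < len; i++)
        n += snprintf(buf + n, len - (size_t)n, "%u: opcode %u\n", i, r->sqes[i]);
    ring_unlock(r);
    return n;
}
```

A reader that returns nothing under contention never observes the entry count and the array from two different ring sizes, and it never blocks behind a resize.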
How can this vulnerability impact me?
This vulnerability can cause incorrect or inconsistent data to be read from the io_uring interface when the ring buffer is being resized concurrently. While the description does not specify direct security impacts such as privilege escalation or data leakage, the inconsistency could potentially lead to application errors or instability when interacting with io_uring, which might affect system reliability or behavior.