CVE-2025-38504
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-16

Last updated on: 2025-11-19

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some other cases we can have allocated niovs on page pool destruction. Remove a misplaced warning checking that all niovs are returned to zcrx on io_pp_zc_destroy(). It was reported before but apparently got lost.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-16
Last Modified
2025-11-19
Generated
2026-05-27
AI Q&A
2025-08-16
EPSS Evaluated
2026-05-25
NVD
CVE-2025-38504
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel 6.16
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability relates to the Linux kernel's io_uring subsystem, specifically involving the destruction of page pools (pp). There was a misplaced warning about ensuring all niovs (I/O vectors) are returned to the zero-copy receive (zcrx) on io_pp_zc_destroy(). The fix removes this incorrect warning, which could occur when multiple page pools are used and niovs remain allocated during page pool destruction.


How can this vulnerability impact me? :

The vulnerability involves warnings related to page pool destruction in the Linux kernel's io_uring subsystem. While the description does not specify direct security impacts, such issues could potentially lead to resource management problems or instability in systems using io_uring with multiple page pools.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart