Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification io_kiocb, sr->notif. For non-vectored imports, sr->notif is correctly used. This is important as the lifetime of the two may be different. Use the correct io_kiocb for the vectored buffer import.
References
- https://git.kernel.org/stable/c/14459281e027f23b70885c1cc1032a71c0efd8d7
- https://git.kernel.org/stable/c/f6041803a831266a2a5a5b5af66f7de0845bcbf3
FAQ
What is CVE-2025-68294?
CVE-2025-68294 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: io_uring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, t...
How severe is CVE-2025-68294?
CVSS scoring is not yet available for CVE-2025-68294. Check NVD for updates.
Is there a patch for CVE-2025-68294?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.