CVE-2025-40216

Published: Dec 4, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't rely on user vaddr alignment There is no guaranteed alignment for user pointers, however the calculation of an offset of the first page into a folio after coalescing uses some weird bit mask logic, get rid of it.

Vendor	Product	Versions
Linux	Linux	affected `a8edbb424b1391b077407c75d8f5d2ede77aa70d - < 50998b0ae7d9d552e96d8b7239981cf05f65eff5` affected `a8edbb424b1391b077407c75d8f5d2ede77aa70d - < f16769241594be59387b56ab525e327f54377e60` affected `a8edbb424b1391b077407c75d8f5d2ede77aa70d - < 3a3c6d61577dbb23c09df3e21f6f9eda1ecd634b`
Linux	Linux	affected `6.12` unaffected `0 - < 6.12` unaffected `6.12.36 - <= 6.12.` unaffected `6.15.5 - <= 6.15.` unaffected `6.16 - <= *`

References

https://git.kernel.org/stable/c/50998b0ae7d9d552e96d8b7239981cf05f65eff5

https://git.kernel.org/stable/c/f16769241594be59387b56ab525e327f54377e60

https://git.kernel.org/stable/c/3a3c6d61577dbb23c09df3e21f6f9eda1ecd634b

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40216

Description

Affected Products

References