CVE-2025-68294

Published: Dec 16, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification io_kiocb, sr->notif. For non-vectored imports, sr->notif is correctly used. This is important as the lifetime of the two may be different. Use the correct io_kiocb for the vectored buffer import.

Vendor	Product	Versions
Linux	Linux	affected `23371eac7d9a9bca5360cfb3eb3aa08648ee7246 - < 14459281e027f23b70885c1cc1032a71c0efd8d7` affected `23371eac7d9a9bca5360cfb3eb3aa08648ee7246 - < f6041803a831266a2a5a5b5af66f7de0845bcbf3`
Linux	Linux	affected `6.15` unaffected `0 - < 6.15` unaffected `6.17.11 - <= 6.17.` unaffected `6.18 - <= `

References

https://git.kernel.org/stable/c/14459281e027f23b70885c1cc1032a71c0efd8d7

https://git.kernel.org/stable/c/f6041803a831266a2a5a5b5af66f7de0845bcbf3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-68294

Description

Affected Products

References