{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40364", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.187Z", "datePublished": "2025-04-18T13:50:24.257Z", "dateUpdated": "2025-04-18T13:50:24.257Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-04-18T13:50:24.257Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix io_req_prep_async with provided buffers\n\nio_req_prep_async() can import provided buffers, commit the ring state\nby giving up on that before, it'll be reimported later if needed."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["io_uring/io_uring.c"], "versions": [{"version": "c7fb19428d67dd0a2a78a4f237af01d39c78dc5a", "lessThan": "a1b17713b32c75a90132ea2f92b1257f3bbc20f3", "status": "affected", "versionType": "git"}, {"version": "c7fb19428d67dd0a2a78a4f237af01d39c78dc5a", "lessThan": "a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["io_uring/io_uring.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.129", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.78", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a1b17713b32c75a90132ea2f92b1257f3bbc20f3"}, {"url": "https://git.kernel.org/stable/c/a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3"}], "title": "io_uring: fix io_req_prep_async with provided buffers", "x_generator": {"engine": "bippy-1.1.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix io_req_prep_async with provided buffers\n\nio_req_prep_async() can import provided buffers, commit the ring state\nby giving up on that before, it'll be reimported later if needed."}], "id": "CVE-2025-40364", "lastModified": "2025-04-21T14:23:45.950", "metrics": {}, "published": "2025-04-18T14:15:23.100", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a1b17713b32c75a90132ea2f92b1257f3bbc20f3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: io_uring: fix io_req_prep_async with provided buffers", "id": "2360969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360969"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nio_uring: fix io_req_prep_async with provided buffers\nio_req_prep_async() can import provided buffers, commit the ring state\nby giving up on that before, it'll be reimported later if needed."], "name": "CVE-2025-40364", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-04-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-40364\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-40364\nhttps://lore.kernel.org/linux-cve-announce/2025041827-CVE-2025-40364-d93c@gregkh/T"], "statement": "No Red Hat products are affected by this flaw, as the io_uring subsystem is not enabled in any currently shipping kernel release. It could be enabled in latest versions of Red Hat Enterprise Linux only. The bug is about potential leak of memory and doesn't lead to any more severe security impact.", "threat_severity": "Low"}