CVE-2025-21836
io_uring/kbuf: reallocate buf lists on upgrade
References
Notes
carnil> Introduced in 2fcabce2d7d34 ("io_uring: disallow mixed provided buffer group
carnil> registrations"). Vulnerable versions: 5.19.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.14-rc3) [8802766324e1f5d414a81ac43365c20142e85603]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
N/A "Fixed before branching point"
|
| 6.13-upstream-stable |
released (6.13.4) [2a5febbef40ce968e295a7aeaa5d5cbd9e3e5ad4]
|
| 6.12-upstream-stable |
released (6.12.16) [7d0dc28dae836caf7645fef62a10befc624dd17b]
|
| 6.6-upstream-stable |
released (6.6.79) [146a185f6c05ee263db715f860620606303c4633]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
N/A "Vulnerable code not present"
|
| sid |
released (6.12.16-1)
|
| 6.12-trixie-security |
N/A "Fixed before branching point"
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
N/A "Vulnerable code not present"
|
