Security tracker / CVE-2025-37906

CVE-2025-37906

ublk: fix race between io_uring_cmd_complete_in_task and ublk_cancel_cmd

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 216c8f5ef0f2 ("ublk: replace monitor with cancelable uring_cmd").
 carnil> Vulnerable versions: 6.7.

Bugs

Status

Branch	Status
upstream	released (6.15-rc4) [f40139fde5278d81af3227444fd6e76a76b9506d]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.14-upstream-stable	released (6.14.6) [fb2eb9ddf556f93fef45201e1f9d2b8674bcc975]
6.12-upstream-stable	needed
6.6-upstream-stable	N/A "Vulnerable code not present"
6.1-upstream-stable	N/A "Vulnerable code not present"
5.10-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.16.3-1)
6.12-trixie-security	needed
6.1-bookworm-security	N/A "Vulnerable code not present"
5.10-bullseye-security	N/A "Vulnerable code not present"