CVE-2025-40216
Linux Kernel 6.12-6.12.35, 6.13-6.15.4, 6.16 - Use-After-Free in io_uring Resource Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: don't rely on user vaddr alignment There is no guaranteed alignment for user pointers, however the calculation of an offset of the first page into a folio after coalescing uses some weird bit mask logic, get rid of it.
References (3)
Core 3
Scores
EPSS
0.0016
EPSS Percentile
5.6%
Details
Status
published
Products (10)
linux/Kernel
6.12.0 - 6.12.36linux
linux/Kernel
6.13.0 - 6.15.5linux
Linux/Linux
< 6.12
Linux/Linux
6.12
Linux/Linux
6.12.36 - 6.12.*
Linux/Linux
6.15.5 - 6.15.*
Linux/Linux
6.16
Linux/Linux
a8edbb424b1391b077407c75d8f5d2ede77aa70d - 3a3c6d61577dbb23c09df3e21f6f9eda1ecd634b
Linux/Linux
a8edbb424b1391b077407c75d8f5d2ede77aa70d - 50998b0ae7d9d552e96d8b7239981cf05f65eff5
Linux/Linux
a8edbb424b1391b077407c75d8f5d2ede77aa70d - f16769241594be59387b56ab525e327f54377e60
Published
Dec 04, 2025
Tracked Since
Feb 18, 2026