CVE-2025-68805

Linux Kernel 6.14-6.18.2 - Use-After-Free in FUSE io-uring Request Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to list corruption and use-after-free issues. Remove the request from the queue's list for terminated non-committed requests.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/a6d1f1ace16d0e777a85f84267160052d3499b6e

Patch

https://git.kernel.org/stable/c/95c39eef7c2b666026c69ab5b30471da94ea2874

Scores

EPSS 0.0003

EPSS Percentile 10.8%

Details

Status published

Products (7)

linux/Kernel 6.14.0 - 6.18.3linux

Linux/Linux < 6.14

Linux/Linux 6.14

Linux/Linux 6.18.3 - 6.18.*

Linux/Linux 6.19

Linux/Linux c090c8abae4b6b77a1bee116aa6c385456ebef96 - 95c39eef7c2b666026c69ab5b30471da94ea2874

Linux/Linux c090c8abae4b6b77a1bee116aa6c385456ebef96 - a6d1f1ace16d0e777a85f84267160052d3499b6e

Published Jan 13, 2026

Tracked Since Feb 18, 2026