CVE-2025-38504

high

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some other cases we can have allocated niovs on page pool destruction. Remove a misplaced warning checking that all niovs are returned to zcrx on io_pp_zc_destroy(). It was reported before but apparently got lost.

References

https://git.kernel.org/stable/c/ad9f1b5bed082b9c910e2a24bae0286a70846909

https://git.kernel.org/stable/c/203817de269539c062724d97dfa5af3cdf77a3ec

Details

Source: Mitre, NVD

Published: 2025-08-16

Updated: 2025-08-18

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018