CVE-2025-21837

March 7, 2025, 9:15 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/uring_cmd: unconditionally copy SQEs at prep time This isn't generally necessary, but conditions have been observed where SQE data is accessed from the original SQE after prep has been done and outside of the initial issue. Opcode prep handlers must ensure that any SQE related data is stable beyond the prep phase, but uring_cmd is a bit special in how it handles the SQE which makes it susceptible to reading stale data. If the application has reused the SQE before the original completes, then that can lead to data corruption. Down the line we can relax this again once uring_cmd has been sanitized a bit, and avoid unnecessarily copying the SQE.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/87fe1d68842a308998b315c8ed0163a1d639017c
https://git.kernel.org/stable/c/d6211ebbdaa541af197b50b8dd8f22642ce0b87f

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-03-07
CVE-2025-21837

Timeline

Published: March 7, 2025, 9:15 a.m.
Last Modified: March 7, 2025, 9:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.