CVE-2025-40291

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

08/12/2025

Last modified:

08/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix regbuf vector size truncation There is a report of io_estimate_bvec_size() truncating the calculated number of segments that leads to corruption issues. Check it doesn&#39;t overflow "int"s used later. Rough but simple, can be improved on top.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/146eb58629f45f8297e83d69e64d4eea4b28d972
https://git.kernel.org/stable/c/826ce37a842633efe1bb763e4b13045d74060d72