CVE-2025-39793
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/09/2025
Last modified:
15/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

io_uring/memmap: cast nr_pages to size_t before shifting

If the allocated size exceeds UINT_MAX, then it's necessary to cast
the mr->nr_pages value to size_t to prevent it from overflowing. In
practice this isn't much of a concern as the required memory size will
have been validated upfront, and accounted to the user. And > 4GB sizes
will be necessary to make the lack of a cast a problem, which greatly
exceeds normal user locked_vm settings that are generally in the kb to
mb range. However, if root is used, then accounting isn't done, and
then it's possible to hit this issue.
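
The truncation described above, shown as an added example that is not the kernel's own code. `struct region`, the helper names and a `PAGE_SHIFT` of 12 are assumptions, as is an LP64 target where `unsigned int` is 32 bits and `size_t` is 64 bits.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SHIFT 12 /* assumption: 4 KiB pages */

_Static_assert(sizeof(unsigned int) == 4 && sizeof(size_t) == 8,
               "example assumes 32-bit unsigned int and 64-bit size_t");

/* Hypothetical stand-in: only the field named in the commit message. */
struct region {
    unsigned int nr_pages;
};

/* Without the cast: the shift is evaluated in 32-bit unsigned arithmetic,
 * so bits above 2^32 are dropped before the result is widened. */
static size_t region_size_uncast(const struct region *mr)
{
    return mr->nr_pages << PAGE_SHIFT;
}

/* With the cast: the operand is widened first, so the shift is 64-bit. */
static size_t region_size_cast(const struct region *mr)
{
    return (size_t)mr->nr_pages << PAGE_SHIFT;
}

/* Smallest page count whose byte size no longer fits in 32 bits. */
static unsigned int first_truncating_nr_pages(void)
{
    return (UINT_MAX >> PAGE_SHIFT) + 1;
}

int main(void)
{
    /* Constructed sample values around the 4 GiB boundary. */
    unsigned int samples[] = { 256, 1048575, 1048576, 1048577 };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        struct region mr = { .nr_pages = samples[i] };
        printf("nr_pages=%u uncast=%zu cast=%zu\n", mr.nr_pages,
               region_size_uncast(&mr), region_size_cast(&mr));
    }
    printf("first truncating nr_pages: %u\n", first_truncating_nr_pages());
    return 0;
}
```

Below the boundary both forms agree, which is why the missing cast only matters for regions of 4 GiB and larger.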



