CVE-2025-38504 — Linux vulnerability

5 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 94.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedAug 16

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some other cases we can have allocated niovs on page pool destruction. Remove a misplaced warning checking that all niovs are returned to zcrx on io_pp_zc_destroy(). It was reported before but apparently got lost.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel6.15 — 6.15.7+1

▶CVEListV5linux/linux34a3e60821ab9f335a58d43a88cccdbefdebdec3 — ad9f1b5bed082b9c910e2a24bae0286a70846909+2

▶debiandebian/linux

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-6fwg-c2rw-7c32: In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some↗2025-08-16

▶

OSV

CVE-2025-38504: In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix pp destruction warnings With multiple page pools and in some ot↗2025-08-16

▶

📋Vendor Advisories

Red Hat

kernel: io_uring/zcrx: fix pp destruction warnings↗2025-08-16

▶

Debian

CVE-2025-38504: linux - In the Linux kernel, the following vulnerability has been resolved: io_uring/zc...↗2025

▶