Home

Description

In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to list corruption and use-after-free issues. Remove the request from the queue's list for terminated non-committed requests.

PUBLISHED Reserved 2025-12-24 | Published 2026-01-13 | Updated 2026-02-09 | Assigner Linux

Product status

Default status
unaffected

c090c8abae4b6b77a1bee116aa6c385456ebef96 (git) before a6d1f1ace16d0e777a85f84267160052d3499b6e
affected

c090c8abae4b6b77a1bee116aa6c385456ebef96 (git) before 95c39eef7c2b666026c69ab5b30471da94ea2874
affected

Default status
affected

6.14
affected

Any version before 6.14
unaffected

6.18.3 (semver)
unaffected

6.19 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/a6d1f1ace16d0e777a85f84267160052d3499b6e

git.kernel.org/...c/95c39eef7c2b666026c69ab5b30471da94ea2874

cve.org (CVE-2025-68805)

nvd.nist.gov (CVE-2025-68805)

Download JSON