CVE-2025-39963— io_uring: fix incorrect io_kiocb reference in io_link_skb
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-39963
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
io_uring: fix incorrect io_kiocb reference in io_link_skb
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix incorrect io_kiocb reference in io_link_skb In io_link_skb function, there is a bug where prev_notif is incorrectly assigned using 'nd' instead of 'prev_nd'. This causes the context validation check to compare the current notification with itself instead of comparing it with the previous notification. Fix by using the correct prev_nd parameter when obtaining prev_notif.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于io_link_skb函数中错误使用nd参数而非prev_nd参数,可能导致上下文验证错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-39963
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-39963
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-10-09 · 10 CVEs total
| CVE-2025-39962 | rxrpc: Fix untrusted unsigned subtract | |
| CVE-2025-39961 | iommu/amd/pgtbl: Fix possible race while increase page table level | |
| CVE-2025-39960 | gpiolib: acpi: initialize acpi_gpio_info struct | |
| CVE-2025-39959 | ASoC: amd: acp: Fix incorrect retrival of acp_chip_info | |
| CVE-2025-39958 | iommu/s390: Make attach succeed when the device was surprise removed | |
| CVE-2025-39957 | wifi: mac80211: increase scan_ies_len for S1G | |
| CVE-2025-39955 | tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). | |
| CVE-2025-39956 | igc: don't fail igc_probe() on LED setup error | |
| CVE-2025-39954 | clk: sunxi-ng: mp: Fix dual-divider clock rate readback |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2025-39963
No comments yet