PT-2025-10069 · Linux+5 · Linux Kernel+5

Caleb Sander Mateos

·

Published

2025-03-07

·

Updated

2025-11-12

·

CVE-2025-21837

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the io uring/uring cmd in the Linux kernel, where SQE data is accessed after prep has been done, potentially leading to data corruption if the application reuses the SQE before the original completes. The problem arises because uring cmd handles SQEs in a special way, making it susceptible to reading stale data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

ALSA-2025:20095
ALSA-2025:20518
CVE-2025-21837
INFSA-2025_20518
RHSA-2025:20095
RHSA-2025:20518
RHSA-2025_20518
SUSE-SU-2025:01951-1
SUSE-SU-2025:01967-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01967-1

Affected Products

Almalinux
Astra Linux
Linux Kernel
Red Hat
Rocky Linux
Suse