PT-2025-22168 · Linux+4 · Linux Kernel+4

Published

2025-04-25

Updated

2026-04-20

CVE-2025-37906

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists between io uring cmd complete in task and ublk cancel cmd in the Linux kernel. The ublk cancel cmd() function calls io uring cmd done() to complete the uring cmd, but a kernel crash can be triggered if task work is scheduled via io uring cmd complete in task() for dispatching a request while trying to cancel the command. This issue is resolved by not attempting to cancel the command if the ublk block request is started.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-366CWE-404CWE-362

Related Identifiers

BDU:2026-03284

CVE-2025-37906

USN-7649-1

USN-7649-2

USN-7650-1

USN-7665-1

USN-7665-2

USN-7721-1

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Ubuntu

PT-2025-22168 · Linux+4 · Linux Kernel+4

CVE-2025-37906

Weakness Enumeration

Related Identifiers

Affected Products

References · 144