CVE-2025-21630

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel. The issue is related to the io uring/net component, where the kmsg->msg.msg inq variable may be used uninitialized. This can occur when the recv operation is not successful and the networking stack does not honor the ->msg get inq setting, resulting in the output value of ->msg inq not being filled as requested. The vulnerability can cause the next receive operation to use an inaccurate receive value hint. There is no side effect of using the uninitialized variable, but it may lead to inaccurate receive value hints.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.