CVE-2025-40047

CVSS v2.0

3.8

Low

Vector

AV:L/AC:H/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s io uring/waitid functionality. Specifically, the io waitid wait() function did not consistently remove its entry from the wait queue entry list upon a successful return. This could lead to a race condition if a cancellation was in progress and another invocation of the wait queue entry callback occurred simultaneously. The issue involves the handling of wait queue entries during the io waitid wait() process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-662

Related Identifiers

ALSA-2025:22854

BDU:2025-13616

CVE-2025-40047

INFSA-2025_21469

OPENSUSE-SU-2025:15702-1

OPENSUSE-SU-2025:20172-1

OPENSUSE-SU-2026:10301-1

RHSA-2025_21469

RHSA-2026:1727

SUSE-SU-2025:4393-1

SUSE-SU-2025:4516-1

SUSE-SU-2025:4517-1

SUSE-SU-2026:20012-1

SUSE-SU-2026:20015-1

SUSE-SU-2026:20021-1

USN-8029-1

USN-8029-2

USN-8029-3

USN-8030-1

USN-8048-1

USN-8095-1

USN-8095-2

USN-8095-3

USN-8095-4

USN-8095-5

USN-8100-1

USN-8125-1

USN-8126-1

USN-8165-1

USN-8261-1

Affected Products

Linuxmint

Linux Kernel

Red Hat

Ubuntu

CVE-2025-40047

Weakness Enumeration

Related Identifiers

Affected Products

References · 2040