CVE-2025-40267

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s io uring/rw functionality. A previous commit intended to improve cleanup processes inadvertently introduced a memory leak. Specifically, if internal caches overflow during a request, the allocated iovec may not be properly freed when the request is aborted early, leading to a potential memory leak. The issue is related to the recycling infrastructure and the handling of allocated iovecs during early failure scenarios.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.