CVE-2025-68814
Description
In the Linux kernel, the following vulnerability has been resolved:
io_uring: fix filename leak in __io_openat_prep()
__io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak.
Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
74- osv-coords73 versionspkg:linux/kernelpkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-kvmsmall&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-livepatch-SLE15-SP7_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-obs-qa&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
>= 5.15.0, < 5.15.198+ 72 more
- (no CPE)range: >= 5.15.0, < 5.15.198
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.20.27.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.53.31.1.150700.17.21.1
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.4.0-39.1.21.16
- (no CPE)range: < 6.4.0-39.1.21.16
- (no CPE)range: < 6.12.0-160000.26.1.160000.2.7
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 1-150700.1.3.2
- (no CPE)range: < 1-150700.15.3.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-40.1
- (no CPE)range: < 6.4.0-40.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.7.31.2
- (no CPE)range: < 6.4.0-150700.20.27.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 6.4.0-39.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-40.1
- (no CPE)range: < 6.4.0-40.1
- (no CPE)range: < 6.4.0-150700.7.31.1
- (no CPE)range: < 6.4.0-150700.20.27.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.4.0-150700.7.31.1
- (no CPE)range: < 6.4.0-150700.53.31.1
- (no CPE)range: < 6.12.0-160000.26.1
- (no CPE)range: < 6.12.0-160000.26.1
Patches
Vulnerability mechanics
References
6- git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746nvd
- git.kernel.org/stable/c/2420ef01b2e836fbc05a0a8c73a1016504eb0458nvd
- git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45nvd
- git.kernel.org/stable/c/8f44c4a550570cd5903625133f938c6b51310c9bnvd
- git.kernel.org/stable/c/b14fad555302a2104948feaff70503b64c80ac01nvd
- git.kernel.org/stable/c/e232269d511566b1f80872256a48593acc1becf4nvd
News mentions
0No linked articles in our index yet.