CVE Alert

CVE-2025-39822

MEDIUM 5.5

io_uring/kbuf: fix signedness in this_len calculation

CVSS Score: 5.5
EPSS Score: 0.0%
EPSS Percentile: 5th

In the Linux kernel, the following vulnerability has been resolved:

io_uring/kbuf: fix signedness in this_len calculation

When importing and using buffers, buf->len is considered unsigned. However, buf->len is converted to signed int when committing. This can lead to unexpected behavior if the buffer is large enough to be interpreted as a negative value. Make min_t calculation unsigned.
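The signedness problem described above, shown as an added user-space example (not the kernel's code and not part of the original advisory). The `min_t` macro here is a simplified stand-in for the kernel macro, and `struct model_buf`, `commit_signed` and `commit_unsigned` are hypothetical names; the narrowing of a large `uint32_t` to `int` is implementation-defined and wraps on GCC and Clang.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space stand-in for the kernel's min_t(): cast, then compare. */
#define min_t(type, a, b) ((type)(a) < (type)(b) ? (type)(a) : (type)(b))

/* Hypothetical model of one buffer entry (assumed layout, not the kernel's). */
struct model_buf {
    uint64_t addr;
    uint32_t len; /* treated as unsigned when the buffer is imported */
};

/* Signed comparison: a buf->len of 0x80000000 or more is seen as negative,
 * so it "wins" the minimum even though far fewer bytes were consumed. */
static uint32_t commit_signed(struct model_buf *buf, int len)
{
    uint32_t this_len = (uint32_t)min_t(int, len, buf->len);
    buf->len -= this_len;
    buf->addr += this_len;
    return this_len;
}

/* Unsigned comparison: the minimum is the number of bytes actually consumed. */
static uint32_t commit_unsigned(struct model_buf *buf, int len)
{
    uint32_t this_len = min_t(uint32_t, len, buf->len);
    buf->len -= this_len;
    buf->addr += this_len;
    return this_len;
}

int main(void)
{
    /* Constructed sample: a 2 GiB buffer from which 4096 bytes were consumed. */
    struct model_buf a = { 0x1000, 0x80000000u }, b = a;
    uint32_t s = commit_signed(&a, 4096);
    uint32_t u = commit_unsigned(&b, 4096);

    printf("signed:   this_len=0x%08x remaining=0x%08x\n", (unsigned)s, (unsigned)a.len);
    printf("unsigned: this_len=0x%08x remaining=0x%08x\n", (unsigned)u, (unsigned)b.len);
    return 0;
}
```

In this model the signed variant accounts for the whole 2 GiB buffer after a 4096-byte transfer, while the unsigned variant leaves the unconsumed remainder in place.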

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Sep 16, 2025
Last Updated Apr 11, 2026
Affected Versions

Linux / Linux
cf9536e550dd243a1681fdbf804221527da20a80 < f4f411c068402c370c4f9a9d4950a97af97bbbb1
cf9536e550dd243a1681fdbf804221527da20a80 < c64eff368ac676e8540344d27a3de47e0ad90d21
c4dbca5be33c6203d2f611dbd7502f887e4cd954
Linux / Linux
6.15

References

git.kernel.org: https://git.kernel.org/stable/c/f4f411c068402c370c4f9a9d4950a97af97bbbb1
git.kernel.org: https://git.kernel.org/stable/c/c64eff368ac676e8540344d27a3de47e0ad90d21