CVE-2025-68805

In the Linux kernel, the following vulnerability has been resolved:

fuse: fix io-uring list corruption for terminated non-committed requests

When a request is terminated before it has been committed, the request
is not removed from the queue's list. This leaves a dangling list entry
that leads to list corruption and use-after-free issues.

Remove the request from the queue's list for terminated non-committed
requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
trixie
6.12.63-1
not-affected
bookworm
6.1.159-1
not-affected
bullseye (security)
5.10.247-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie (security)
6.12.48-1
fixed
forky
vulnerable
sid
6.18.3-1
fixed
References
https://git.kernel.org/stable/c/95c39eef7c2b666026c69ab5b30471da94ea2874
https://git.kernel.org/stable/c/a6d1f1ace16d0e777a85f84267160052d3499b6e