Upstream information
Description
In the Linux kernel, the following vulnerability has been resolved:io_uring/net: ensure vectored buffer node import is tied to notification
When support for vectored registered buffers was added, the import
itself is using 'req' rather than the notification io_kiocb, sr->notif.
For non-vectored imports, sr->notif is correctly used. This is important
as the lifetime of the two may be different. Use the correct io_kiocb
for the vectored buffer import.
SUSE information
Overall state of this security issue: Does not affect SUSE products
SUSE Bugzilla entry: 1255127 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Wed Dec 17 13:04:55 2025CVE page last modified: Wed Dec 17 13:04:55 2025