CVE-2025-39963 – io_uring: fix incorrect io_kiocb reference in io_link_skb

CVE ID : CVE-2025-39963

Published : Oct. 9, 2025, 12:13 p.m. | 24 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix incorrect io_kiocb reference in io_link_skb

In io_link_skb function, there is a bug where prev_notif is incorrectly
assigned using ‘nd’ instead of ‘prev_nd’. This causes the context
validation check to compare the current notification with itself instead
of comparing it with the previous notification.

Fix by using the correct prev_nd parameter when obtaining prev_notif.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…