CVE-2025-68814
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep()
CVSS
—
No CVSS
EPSS
0.2%
p7
KEV
—
Exploit Today
2
0-100
Published: Jan 13, 2026 · Last modified: Jul 14, 2026
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak. Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.
- git.kernel.orghttps://git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746
- git.kernel.orghttps://git.kernel.org/stable/c/2420ef01b2e836fbc05a0a8c73a1016504eb0458
- git.kernel.orghttps://git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45
- git.kernel.orghttps://git.kernel.org/stable/c/8f44c4a550570cd5903625133f938c6b51310c9b
- git.kernel.orghttps://git.kernel.org/stable/c/b14fad555302a2104948feaff70503b64c80ac01
- git.kernel.orghttps://git.kernel.org/stable/c/e232269d511566b1f80872256a48593acc1becf4
- cert-portal.siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-019113.html
No related CVEs by CWE or product.