[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-38106":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":64,"related":65,"reserved_at":9,"published_at":73,"modified_at":74,"state":75,"summary":76,"references_raw":85,"kevs":100,"epss":101,"epss_history":104,"metrics":364,"affected":370},"CVE-2025-38106","In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()\n\nsyzbot reports:\n\nBUG: KASAN: slab-use-after-free in getrusage+0x1109/0x1a60\nRead of size 8 at addr ffff88810de2d2c8 by task a.out/304\n\nCPU: 0 UID: 0 PID: 304 Comm: a.out Not tainted 6.16.0-rc1 #1 PREEMPT(voluntary)\nHardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003CTASK>\n dump_stack_lvl+0x53/0x70\n print_report+0xd0/0x670\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? getrusage+0x1109/0x1a60\n kasan_report+0xce/0x100\n ? getrusage+0x1109/0x1a60\n getrusage+0x1109/0x1a60\n ? __pfx_getrusage+0x10/0x10\n __io_uring_show_fdinfo+0x9fe/0x1790\n ? ksys_read+0xf7/0x1c0\n ? do_syscall_64+0xa4/0x260\n ? vsnprintf+0x591/0x1100\n ? __pfx___io_uring_show_fdinfo+0x10/0x10\n ? __pfx_vsnprintf+0x10/0x10\n ? mutex_trylock+0xcf/0x130\n ? __pfx_mutex_trylock+0x10/0x10\n ? __pfx_show_fd_locks+0x10/0x10\n ? io_uring_show_fdinfo+0x57/0x80\n io_uring_show_fdinfo+0x57/0x80\n seq_show+0x38c/0x690\n seq_read_iter+0x3f7/0x1180\n ? inode_set_ctime_current+0x160/0x4b0\n seq_read+0x271/0x3e0\n ? __pfx_seq_read+0x10/0x10\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __mark_inode_dirty+0x402/0x810\n ? selinux_file_permission+0x368/0x500\n ? file_update_time+0x10f/0x160\n vfs_read+0x177/0xa40\n ? __pfx___handle_mm_fault+0x10/0x10\n ? __pfx_vfs_read+0x10/0x10\n ? mutex_lock+0x81/0xe0\n ? 
__pfx_mutex_lock+0x10/0x10\n ? fdget_pos+0x24d/0x4b0\n ksys_read+0xf7/0x1c0\n ? __pfx_ksys_read+0x10/0x10\n ? do_user_addr_fault+0x43b/0x9c0\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f0f74170fc9\nCode: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003C48> 3d 01 f0 ff ff 73 01 c3 48 8b 8\nRSP: 002b:00007fffece049e8 EFLAGS: 00000206 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0f74170fc9\nRDX: 0000000000001000 RSI: 00007fffece049f0 RDI: 0000000000000004\nRBP: 00007fffece05ad0 R08: 0000000000000000 R09: 00007fffece04d90\nR10: 0000000000000000 R11: 0000000000000206 R12: 00005651720a1100\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003C/TASK>\n\nAllocated by task 298:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_slab_alloc+0x6e/0x70\n kmem_cache_alloc_node_noprof+0xe8/0x330\n copy_process+0x376/0x5e00\n create_io_thread+0xab/0xf0\n io_sq_offload_create+0x9ed/0xf20\n io_uring_setup+0x12b0/0x1cc0\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 22:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kmem_cache_free+0xc4/0x360\n rcu_core+0x5ff/0x19f0\n handle_softirqs+0x18c/0x530\n run_ksoftirqd+0x20/0x30\n smpboot_thread_fn+0x287/0x6c0\n kthread+0x30d/0x630\n ret_from_fork+0xef/0x1a0\n ret_from_fork_asm+0x1a/0x30\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n kasan_record_aux_stack+0x8c/0xa0\n __call_rcu_common.constprop.0+0x68/0x940\n __schedule+0xff2/0x2930\n __cond_resched+0x4c/0x80\n mutex_lock+0x5c/0xe0\n io_uring_del_tctx_node+0xe1/0x2b0\n io_uring_clean_tctx+0xb7/0x160\n io_uring_cancel_generic+0x34e/0x760\n do_exit+0x240/0x2350\n do_group_exit+0xab/0x220\n __x64_sys_exit_group+0x39/0x40\n x64_sys_call+0x1243/0x1840\n 
do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe buggy address belongs to the object at ffff88810de2cb00\n which belongs to the cache task_struct of size 3712\nThe buggy address is located 1992 bytes inside of\n freed 3712-byte region [ffff88810de2cb00, ffff88810de2d980)\n\nwhich is caused by the task_struct pointed to by sq->thread being\nreleased while it is being used in the function\n__io_uring_show_fdinfo(). Holding ctx->uring_lock does not prevent the\nrelease or exit of sq->thread.\n\nFix this by assigning and looking up ->thread under RCU, and grabbing a\nreference to the task_struct. This e\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. 
Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":25},"SUSE-SU-2025:02853-1",{"_key":27},"USN-7770-1",{"_key":29},"USN-7789-2",{"_key":31},"SUSE-SU-2025:02997-1",{"_key":33},"SUSE-SU-2025:03011-1",{"_key":35},"SUSE-SU-2025:21074-1",{"_key":37},"SUSE-SU-2025:21139-1",{"_key":39},"SUSE-SU-2025:21179-1",{"_key":41},"OPENSUSE-SU-2025:20081-1",{"_key":43},"RHSA-2026:3579",{"_key":45},"RHSA-2026:3966",{"_key":47},"DEBIAN-CVE-2025-38106",{"_key":49},"RHSA-2026:3088",{"_key":51},"RHSA-2026:4012",{"_key":53},"UBUNTU-CVE-2025-38106",{"_key":55},"USN-7769-1",{"_key":57},"USN-7769-2",{"_key":59},"USN-7769-3",{"_key":61},"USN-7771-1",{"_key":63},"USN-7789-1",[],[66,67,68,69,70,71,72],{"_key":25},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2025-07-03T08:35:16.215Z","2026-05-11T21:21:22.621Z","Analyzed",{"cisa_kev":77,"cisa_ransomware":77,"cisa_vendor":9,"epss_severity":78,"epss_score":79,"severity":80,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":75},false,"low",0.00052,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[86,92,96],{"url":87,"sources":88,"tags":90},"https://git.kernel.org/stable/c/af8c13f9ee040b9a287ba246cf0055f7c77b7cc8",[89,83],"cve.org",[91],"Patch",{"url":93,"sources":94,"tags":95},"https://git.kernel.org/stable/c/d0932758a0a77b38ba1b39564f3b7aba12407061",[89,83],[91],{"url":97,"sources":98,"tags":99},"https://git.kernel.org/stable/c/ac0b8b327a5677dc6fecdf353d808161525b1ff0",[89,83],[91],[],{"date":102,"score":79,"percentile":103},"2026-06-04",0.16494,[105,109,112,115,118,120,123,126,129,132,135,138,141,144,147,150,153,156,160,163,166,169,172,175,178,181,185,188,191,194,197,200,203,206,209,212,215,218,222,225,228,231,234,237,240,242,244,247,250,253,256
,259,262,264,267,269,271,273,276,278,281,284,286,289,292,294,296,299,302,305,308,311,313,316,319,322,325,328,330,332,335,337,340,343,345,349,352,355,358,361],{"date":106,"score":107,"percentile":108},"2025-11-04",0.00032,0.08272,{"date":110,"score":107,"percentile":111},"2025-11-05",0.08283,{"date":113,"score":107,"percentile":114},"2025-11-06",0.08401,{"date":116,"score":107,"percentile":117},"2025-11-07",0.0842,{"date":119,"score":107,"percentile":117},"2025-11-08",{"date":121,"score":107,"percentile":122},"2025-11-09",0.08388,{"date":124,"score":107,"percentile":125},"2025-11-10",0.08347,{"date":127,"score":107,"percentile":128},"2025-11-11",0.08373,{"date":130,"score":107,"percentile":131},"2025-11-12",0.08408,{"date":133,"score":107,"percentile":134},"2025-11-13",0.08452,{"date":136,"score":107,"percentile":137},"2025-11-14",0.08501,{"date":139,"score":107,"percentile":140},"2025-11-15",0.08528,{"date":142,"score":107,"percentile":143},"2025-11-16",0.0854,{"date":145,"score":107,"percentile":146},"2025-11-17",0.08538,{"date":148,"score":107,"percentile":149},"2025-11-18",0.05018,{"date":151,"score":107,"percentile":152},"2025-11-19",0.05052,{"date":154,"score":107,"percentile":155},"2025-11-20",0.05102,{"date":157,"score":158,"percentile":159},"2025-11-21",0.00022,0.04908,{"date":161,"score":158,"percentile":162},"2025-11-22",0.04919,{"date":164,"score":158,"percentile":165},"2025-11-23",0.04911,{"date":167,"score":158,"percentile":168},"2025-11-24",0.04896,{"date":170,"score":158,"percentile":171},"2025-11-25",0.04907,{"date":173,"score":158,"percentile":174},"2025-11-26",0.04944,{"date":176,"score":158,"percentile":177},"2025-11-27",0.04963,{"date":179,"score":158,"percentile":180},"2025-11-28",0.04949,{"date":182,"score":183,"percentile":184},"2025-11-29",0.00011,0.00974,{"date":186,"score":183,"percentile":187},"2025-11-30",0.00885,{"date":189,"score":183,"percentile":190},"2025-12-01",0.00907,{"date":192,"score":183,"percentile":193},"2025-12-02",0.00902,{
"date":195,"score":183,"percentile":196},"2025-12-03",0.00904,{"date":198,"score":183,"percentile":199},"2025-12-04",0.0089,{"date":201,"score":183,"percentile":202},"2025-12-05",0.00896,{"date":204,"score":183,"percentile":205},"2025-12-06",0.00897,{"date":207,"score":183,"percentile":208},"2025-12-07",0.00903,{"date":210,"score":183,"percentile":211},"2025-12-08",0.00908,{"date":213,"score":183,"percentile":214},"2025-12-09",0.00921,{"date":216,"score":183,"percentile":217},"2025-12-10",0.00931,{"date":219,"score":220,"percentile":221},"2025-12-11",0.00012,0.01404,{"date":223,"score":220,"percentile":224},"2025-12-12",0.01408,{"date":226,"score":220,"percentile":227},"2025-12-13",0.01395,{"date":229,"score":220,"percentile":230},"2025-12-14",0.01387,{"date":232,"score":220,"percentile":233},"2025-12-15",0.01383,{"date":235,"score":220,"percentile":236},"2025-12-16",0.01389,{"date":238,"score":220,"percentile":239},"2025-12-17",0.01392,{"date":241,"score":220,"percentile":233},"2025-12-18",{"date":243,"score":220,"percentile":230},"2025-12-19",{"date":245,"score":220,"percentile":246},"2025-12-20",0.01388,{"date":248,"score":220,"percentile":249},"2025-12-21",0.01398,{"date":251,"score":220,"percentile":252},"2025-12-22",0.014,{"date":254,"score":220,"percentile":255},"2025-12-23",0.01399,{"date":257,"score":220,"percentile":258},"2025-12-24",0.01402,{"date":260,"score":220,"percentile":261},"2025-12-25",0.01406,{"date":263,"score":220,"percentile":224},"2025-12-26",{"date":265,"score":220,"percentile":266},"2025-12-27",0.01403,{"date":268,"score":220,"percentile":258},"2025-12-28",{"date":270,"score":220,"percentile":239},"2025-12-29",{"date":272,"score":220,"percentile":246},"2025-12-30",{"date":274,"score":220,"percentile":275},"2025-12-31",0.01385,{"date":277,"score":220,"percentile":261},"2026-01-01",{"date":279,"score":220,"percentile":280},"2026-01-02",0.01409,{"date":282,"score":220,"percentile":283},"2026-01-03",0.01412,{"date":285,"score":220,"percentile"
:233},"2026-01-04",{"date":287,"score":220,"percentile":288},"2026-01-05",0.01391,{"date":290,"score":220,"percentile":291},"2026-01-06",0.01386,{"date":293,"score":220,"percentile":288},"2026-01-07",{"date":295,"score":220,"percentile":261},"2026-01-08",{"date":297,"score":220,"percentile":298},"2026-01-09",0.01421,{"date":300,"score":220,"percentile":301},"2026-01-10",0.01432,{"date":303,"score":220,"percentile":304},"2026-01-11",0.0143,{"date":306,"score":220,"percentile":307},"2026-01-12",0.01415,{"date":309,"score":220,"percentile":310},"2026-01-13",0.01413,{"date":312,"score":220,"percentile":307},"2026-01-14",{"date":314,"score":220,"percentile":315},"2026-01-15",0.01426,{"date":317,"score":220,"percentile":318},"2026-01-16",0.01435,{"date":320,"score":220,"percentile":321},"2026-01-17",0.01438,{"date":323,"score":220,"percentile":324},"2026-01-18",0.0145,{"date":326,"score":220,"percentile":327},"2026-01-19",0.01439,{"date":329,"score":220,"percentile":315},"2026-01-20",{"date":331,"score":220,"percentile":298},"2026-01-21",{"date":333,"score":220,"percentile":334},"2026-01-22",0.01424,{"date":336,"score":220,"percentile":321},"2026-01-23",{"date":338,"score":220,"percentile":339},"2026-01-24",0.01444,{"date":341,"score":220,"percentile":342},"2026-01-25",0.01443,{"date":344,"score":220,"percentile":327},"2026-01-26",{"date":346,"score":347,"percentile":348},"2026-01-27",0.00014,0.0191,{"date":350,"score":347,"percentile":351},"2026-01-28",0.01912,{"date":353,"score":347,"percentile":354},"2026-01-29",0.01929,{"date":356,"score":347,"percentile":357},"2026-01-30",0.01931,{"date":359,"score":347,"percentile":360},"2026-01-31",0.01952,{"date":362,"score":347,"percentile":363},"2026-02-01",0.01981,[365],{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":366,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":367,"vectorString":84,"impactScore":368,"exploitabilityScore":369},"HIGH",9.8,4.6,[371,391],{"ecosystem":9,"name":372,"vendor":373,"product":373,"cpe_part":374
,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":375},"Linux","linux","a",[376,383,386,389],{"version":377,"is_range":378,"range_type":89,"version_start":379,"version_start_type":380,"version_end":381,"version_end_type":382,"fixed_in":9},">= 3fcb9d17206e31630f802a3ab52081d1342b8ed9, \u003C af8c13f9ee040b9a287ba246cf0055f7c77b7cc8",true,"3fcb9d17206e31630f802a3ab52081d1342b8ed9","including","af8c13f9ee040b9a287ba246cf0055f7c77b7cc8","excluding",{"version":384,"is_range":378,"range_type":89,"version_start":379,"version_start_type":380,"version_end":385,"version_end_type":382,"fixed_in":9},">= 3fcb9d17206e31630f802a3ab52081d1342b8ed9, \u003C d0932758a0a77b38ba1b39564f3b7aba12407061","d0932758a0a77b38ba1b39564f3b7aba12407061",{"version":387,"is_range":378,"range_type":89,"version_start":379,"version_start_type":380,"version_end":388,"version_end_type":382,"fixed_in":9},">= 3fcb9d17206e31630f802a3ab52081d1342b8ed9, \u003C ac0b8b327a5677dc6fecdf353d808161525b1ff0","ac0b8b327a5677dc6fecdf353d808161525b1ff0",{"version":390,"is_range":77,"range_type":89,"version_start":390,"version_start_type":380,"version_end":390,"version_end_type":380,"fixed_in":9},"6.9",{"ecosystem":9,"name":392,"vendor":373,"product":393,"cpe_part":394,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":395},"linux kernel","linux_kernel","o",[396,400,404],{"version":397,"is_range":378,"range_type":398,"version_start":390,"version_start_type":380,"version_end":399,"version_end_type":382,"fixed_in":9},"gte6.9_lt6.12.34","cpe","6.12.34",{"version":401,"is_range":378,"range_type":398,"version_start":402,"version_start_type":380,"version_end":403,"version_end_type":382,"fixed_in":9},"gte6.13_lt6.15.3","6.13","6.15.3",{"version":405,"is_range":77,"range_type":398,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.16:rc1"]